Explainer-Ronin’s $615 million crypto heist

FILE PHOTO: Logos displayed in front of binary code illustration
FILE PHOTO: Bitcoin cryptocurrency representation is pictured on a keyboard in front of binary code in this illustration taken September 24, 2021. REUTERS/Dado Ruvic

March 30, 2022

By Tom Wilson and Elizabeth Howcroft

LONDON (Reuters) – Hackers have stolen cryptocurrency worth almost $615 million from a blockchain project linked to popular online game Axie Infinity, the latest cyberheist to hit the digital asset sector.

Ronin, a blockchain network that lets users transfer crypto in and out of the game, said on Tuesday the theft happened on March 23 but was not detected until almost a week later.

Here’s what you need to know about the Ronin heist.

CRYPTO’S A BIG DEAL NOW, RIGHT?

Indeed.

Bitcoin and other digital currencies have exploded into public view in recent years, with mainstream investors embracing the sector in droves during the COVID-19 pandemic.

The sector’s now worth over $2.1 trillion. As money has poured in, the hacks and heists that have long plagued crypto have also grown also size.

AND HOW DOES RONIN FIT IN?

Ronin is used in Axie Infinity, one of the world’s most popular online games involving cryptocurrencies.

Its products include a digital wallet for storing crypto, and a “bridge” that allows users to move funds in and out of the game. This is where the crypto were stolen from.

Ronin takes its name from the samurai warriors of feudal Japan who did not serve any particular lord. The name “represents our desire to take the destiny of our product into our own hands,” Axie Infinity said in a blog post.

Vietnam-based Sky Mavis, which launched Axie Infinity in 2018, did not respond to multiple requests for comment. Ronin also did not return Reuters’ messages.

Jeffrey Zirlin, one of Axie Infinity’s founders, said at a conference on Tuesday: “It is one of the bigger hacks in history and we’re fully committed to continue building.”

HOW DID THE HEIST HAPPEN?

The Ronin hacker used stolen private keys – the passwords needed to access crypto funds – Ronin said in a blog post, after targeting computers connected to its network that help confirm transactions.

Ronin said it discovered the hack on Tuesday and that it was working with “various government agencies to ensure the criminals get brought to justice”.

The identity of the hackers is still unclear.

AND AXIE INFINITY?

Axie Infinity says it has 2.8 million daily active players, with some $3.6 billion previously traded on its marketplace, making it one of the most popular blockchain-based online games.

Set in a fictional universe, players can collect, trade and play with virtual creatures called Axies, which are traded in the form of non-fungible tokens (NFTs) and sell for hundreds of thousands of dollars.

It is the largest NFT brand by all-time sales volume, according to market tracker CryptoSlam.

The game has attracted venture capital funding, raising $152 million in October from investors including Andreessen Horowitz.

Axie and other “play-to-earn” games allow players to spend crypto and earn financial rewards. They have surged in popularity in the past year, as a frenzy in the NFT world prompted investors to speculate in the hope of large returns.

WHERE’S THE LOOT NOW? AND ARE USERS AFFECTED?

Most of the stolen funds are still in a digital wallet, which is available to view.

Blockchain Intelligence Group, a Vancouver-based crypto tracker, said that the hackers had moved a small amount of the funds to major exchanges FTX, Crypto.com and Huobi.

Huobi said it was investigating the hack and communicating closely with Axie Infinity. FTX and Crypto.com did not immediately responded to requests for comment.

Ronin said in a blogpost that Sky Mavis was “committed to ensuring that all of the drained funds are recovered or reimbursed,” without giving details. Making sure there is no loss of funds “is our top priority”, it added.

It said it was working with major blockchain tracker Chainalysis to trace the stolen funds. Chainalysis declined to comment.

(Reporting by Tom Wilson; Editing by Kirsten Donovan)