What you need to know about the Ronin $830m crypto heist

Ronin is used in Axie Infinity, one of the world's most popular online games involving cryptocurrencies. PHOTO: AFP

LONDON (REUTERS, BLOOMBERG) - Hackers have stolen cryptocurrency worth almost US$615 million (S$836 million) from a blockchain project linked to popular online game Axie Infinity, the latest cyber heist to hit the digital asset sector.

Ronin, a blockchain network that lets users transfer crypto in and out of the game, said on March 29 the theft happened on March 23 but was not detected until almost a week later.

Here is what you need to know about the Ronin heist.

Crypto's a big deal now, right?

Indeed. Bitcoin and other digital currencies have exploded into public view in recent years, with mainstream investors embracing the sector in droves during the Covid-19 pandemic.

The sector's now worth over US$2.1 trillion. As money has poured in, the hacks and heists that have long plagued crypto have also grown also size.

And how does Ronin fit in?

Ronin is used in Axie Infinity, one of the world's most popular online games involving cryptocurrencies.

Its products include a digital wallet for storing crypto, and a "bridge" that allows users to move funds in and out of the game. This is where the crypto were stolen from.

Ronin takes its name from the samurai warriors of feudal Japan who did not serve any particular lord. The name "represents our desire to take the destiny of our product into our own hands", Axie Infinity said in a blog post.

Vietnam-based Sky Mavis launched Axie Infinity in 2018.

Mr Jeffrey Zirlin, one of Axie Infinity's founders, said at a conference on March 29: "It is one of the bigger hacks in history and we're fully committed to continue building."

How did the heist happen?

The Ronin hacker used stolen private keys - the passwords needed to access crypto funds - Ronin said in a blog post, after targeting computers connected to its network that help confirm transactions.

Ronin said it discovered the hack on March 29 and that it was working with "various government agencies to ensure the criminals get brought to justice".

The identity of the hackers is still unclear.

And Axie Infinity?

Axie Infinity says it has 2.8 million daily active players, with some US$3.6 billion previously traded on its marketplace, making it one of the most popular blockchain-based online games.

Set in a fictional universe, players can collect, trade and play with virtual creatures called Axies, which are traded in the form of non-fungible tokens (NFTs) and sell for hundreds of thousands of dollars.

It is the largest NFT brand by all-time sales volume, according to market tracker CryptoSlam.

The game has attracted venture capital funding, raising US$152 million in October from investors including Andreessen Horowitz.

Axie and other "play-to-earn" games allow players to spend crypto and earn financial rewards. They have surged in popularity in the past year, as a frenzy in the NFT world prompted investors to speculate in the hope of large returns.

Where's the loot now? And are users affected?

Most of the stolen funds are still in a digital wallet, which is available to view.

Blockchain Intelligence Group, a Vancouver-based crypto tracker, said that the hackers had moved a small amount of the funds to major exchanges FTX, Crypto.com and Huobi.

Huobi said it was investigating the hack and communicating closely with Axie Infinity. FTX and Crypto.com did not immediately responded to requests for comment.

On Monday, a hacker moved some of the cryptocurrency stolen from the Axie Infinity gaming platform to a service that helps users mask transactions.

About 2,000 Ether tokens, valued at around US$7 million, that were lifted from Axie Infinity's Ronin software bridge last month were moved to Tornado Cash, blockchain data shows. Tornado Cash founders did not respond Monday to a request for comment.

Tornado Cash is designed to preserve privacy on the Ethereum blockchain. Its technology breaks the link between the sender and receiver's addresses on transactions sent to the Ethereum blockchain. The protocol has been used in the past by hackers who took US$34 million from Crypto.com.

Ronin said in a blogpost that Sky Mavis was "committed to ensuring that all of the drained funds are recovered or reimbursed". Making sure there is no loss of funds "is our top priority", it added.

It said it was working with major blockchain tracker Chainalysis to trace the stolen funds. Chainalysis declined to comment.

On Wednesday, Sky Mavis said that crypto exchange Binance is leading investors' contribution to a bailout of victims of the digital coin theft.

Sky Mavis said it would reimburse the lost money through a combination of its own balance sheet funds and US$150 million raised by investors including cryptocurrency exchange Binance and venture capital firm a16z.

The Ronin part of the network, which was hacked, will reopen after a security upgrade and audits which "can take several weeks", Sky Mavis said.

The "funding round" will allow users to withdraw and deposit their money, the company said.

Binance and Sky Mavis did not put a figure on how much of the US$150 million Binance would provide.

Join ST's Telegram channel and get the latest breaking news delivered to you.