Inside the $625 Million Axie Hack and What It Means for Crypto Gaming

Videogames based on blockchain networks appear to be a prime target for thieves, raising more concerns about the security of cryptocurrencies held on these decentralized gaming networks.

Thieves targeting Axie Infinity, a popular blockchain-based videogame, made off with 173,600 ether tokens and $25.5 million in USDC, a type of stablecoin that is pegged to the dollar. The theft occurred on March 23, according to developers of Axie, but was announced publicly on March 29. At recent prices for ether, the heist was worth about $615 million, down slightly from the $625 million value when the theft was disclosed.

Axie is a “play-to-earn” game in which users create and collect virtual pets. The creatures are nonfungible tokens, or NFTs, that are traded in the game, using various cryptos as currency. The hack occurred on a blockchain “bridge” network called Ronin, which is used for transferring cryptos between the Ethereum network and Axie. Sky Mavis, the Vietnam-based game studio behind Axie, manages Ronin.

The Ronin hack is disconcerting, partly because of the size of the theft, but also because of how it transpired. Ronin is managed by just nine computer “nodes” that validate transactions in the network. Typically, it takes a majority of nodes to form a consensus on the validity of a transaction, enabling it to be recorded on the blockchain. In this case, gaining control of just five nodes was enough for the hackers.

Axie said it “recruited an all star cast of partners” to secure the Ronin network, according to its foundational white paper. But the attackers still managed to hack the nodes and forge fake withdrawals, Axie said in a post on the attack.

In response, Axie said it has increased the threshold for validating transactions to eight nodes from five, according to Ronin’s newsletter site. “While the investigations are ongoing, at this point we are certain that this was an external breach,” the site said on Wednesday. “All evidence points to this attack being socially engineered, rather than a technical flaw.”
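The threshold change described above can be shown as a k-of-n approval check over nine validators; this is an added example, not code from the article or from Sky Mavis. The validator names, keys, message format and the use of HMAC-SHA256 in place of real validator signatures are assumptions made so the example runs offline.

```python
import hashlib
import hmac

# Constructed validator keys: nine nodes, as on the page. HMAC-SHA256 stands in
# for the real signature scheme (an assumption made so the example runs offline).
VALIDATOR_KEYS = {f"validator-{i}": f"constructed-key-{i}".encode() for i in range(1, 10)}


def sign(validator_id, key, message):
    """Produce one validator's approval of a withdrawal message."""
    return validator_id, hmac.new(key, message, hashlib.sha256).digest()


def approved(message, signatures, threshold, keys=VALIDATOR_KEYS):
    """Return True only if `threshold` distinct known validators signed `message`."""
    valid_signers = set()
    for validator_id, tag in signatures:
        key = keys.get(validator_id)
        if key is None:
            continue  # signer is not in the validator set
        expected = hmac.new(key, message, hashlib.sha256).digest()
        if hmac.compare_digest(expected, tag):
            valid_signers.add(validator_id)  # a set counts each validator once
    return len(valid_signers) >= threshold


def demo():
    message = b"withdraw:constructed-example"
    # Whoever holds five of the nine keys can produce five valid approvals.
    held = list(VALIDATOR_KEYS.items())[:5]
    five = [sign(vid, key, message) for vid, key in held]
    return {
        "old_threshold_5": approved(message, five, threshold=5),
        "new_threshold_8": approved(message, five, threshold=8),
        # Repeating one validator's signature must not raise the count.
        "replayed_signature": approved(message, [five[0]] * 8, threshold=5),
        # A signature over a different message does not count.
        "wrong_message": approved(b"withdraw:other", five, threshold=5),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The check counts distinct validators rather than signatures, so a higher threshold only helps if each approval is tied to a separately held key.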

Axie also said it is working with the blockchain data firms Chainalysis and