Actu
COMMENT: attack on popular video game Axie Infinity where hackers swiped $625 million in cryptocurrency
March 2022 by Kelvin Murray, Senior Threat Researcher at Webroot
This morning we saw that there was an attack on popular video game Axie Infinity where hackers swiped $625 million in cryptocurrency, marking one of the largest crypto thefts to date amid rising rates of such crime.
“The cryptocurrency space is the wild west right now. Unfortunately, one of the downsides of an unregulated currency is that there is no organisation or authority where victims can go to get justice if they have been hacked. In this case, it’s unlikely that the huge sum of over $625 million, stolen anonymously via a blockchain vulnerability, will be easily traced or fully recovered, although Ronin are working with law enforcement and the major exchanges to track its movement and monitor attempts to launder the money.
This theft is an interesting case involving cryptocurrencies, emerging proof-of-stake blockchain technology and the huge financial world of in-game credit. The gaming sector is worth hundreds of billions and as we have seen in other large cyber-attacks against Capcom and EA, malicious actors are targeting games companies to get their share on the action.
While cryptocurrency itself is theoretically private and safe, in practice it rarely is, especially at points of transaction or when it is being converted or put into wallets. We would not recommend that anyone jumps headlong into crypto with large sums before taking the time to learn about the architecture and pitfalls of virtual currencies. Very often stolen funds are completely unretrievable from a legal or practical standpoint.
The attack should serve as a reminder for businesses to begin implementing better cyber hygiene – including multi-factor authentication and strong password practices – to prevent breaches. And as cyberattacks on cryptocurrency become more commonplace, consumers should choose hardware wallets to best secure their own personal keys and hence, their funds.
The attack should serve as a reminder for businesses to begin implementing better cyber hygiene – including multi-factor authentication and strong password practices – to prevent breaches. And as cyberattacks on cryptocurrency become more commonplace, consumers should choose hardware wallets to best secure their own personal keys and hence, their funds. In this instance, it took almost a week for the theft to be detected – this shows the criticality of strong monitoring and alerting around changes to cryptocurrency assets”
