Axie Infinity Ronin Bridge Unauthorized Treasury Access: Difference between revisions

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search
(Starting up editing article.)
(Updated, completed initial 30 minutes on this case so far.)
Line 4: Line 4:
[[File:Axieinfinity.jpg|thumb|Axie Infinity]]Axie Infinity is a play-to-earn game with $4b in NFT sales. Rather than set up a proper multi-signature wallet, the keys were split between a small number of validators, and additional access was available for someone who no longer needed it. A hacker managed to gain access to 5 of the 9 keys and made off with $625m worth of Ethereum and USDC.
[[File:Axieinfinity.jpg|thumb|Axie Infinity]]Axie Infinity is a play-to-earn game with $4b in NFT sales. Rather than set up a proper multi-signature wallet, the keys were split between a small number of validators, and additional access was available for someone who no longer needed it. A hacker managed to gain access to 5 of the 9 keys and made off with $625m worth of Ethereum and USDC.


This is a global/international case not involving a specific country.<ref name="businessinsidermarkets-7734" /><ref name="roninblockchainsubstack-7735" /><ref name="treasurydepartment-7736" /><ref name="axiesubstack-7737" /><ref name="etherscan-7738" /><ref name="etherscan-7739" /><ref name="etherscan-7740" /><ref name="businessinsidermarkets-7741" /><ref name="businessinsidermarkets-7742" /><ref name="czbinancetwitter-7743" /><ref name="philrosenntwitter-7744" /><ref name="wikipedia-7745" /><ref name="axieinfinity-7746" /><ref name="axieinfinitywhitepaper-7747" /><ref name="yahoofinance-7725" /><ref name="youtube-8054" /><ref name="youtube-8160" /><ref name="gadgets360-8151" /><ref name="nytimes-9826" /><ref name="nytimes-9827" />
This is a global/international case not involving a specific country.<ref name="roninblockchainsubstack-7735" /><ref name="treasurydepartment-7736" /><ref name="axiesubstack-7737" /><ref name="etherscan-7738" /><ref name="etherscan-7739" /><ref name="etherscan-7740" /><ref name="businessinsidermarkets-7741" /><ref name="businessinsidermarkets-7742" /><ref name="czbinancetwitter-7743" /><ref name="philrosenntwitter-7744" /><ref name="wikipedia-7745" /><ref name="axieinfinity-7746" /><ref name="axieinfinitywhitepaper-7747" /><ref name="yahoofinance-7725" /><ref name="youtube-8054" /><ref name="youtube-8160" /><ref name="gadgets360-8151" /><ref name="nytimes-9826" /><ref name="nytimes-9827" />


== About Axie Infinity ==
== About Axie Infinity ==
Line 96: Line 96:
|Main Event
|Main Event
|Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.
|Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.
|-
|March 29th, 2022 10:29:00 AM MDT
|Community Alert Posted
|The Ronin Chain publishes a community alert. They reportedly became aware of the exploit that same day after a user reported that they were unable to withdraw 5,000 ethereum from the vault<ref name="roninblockchainsubstack-7735" />. TBD more details needed.
|-
|March 29th, 2022 12:41:00 PM MDT
|Market Insider Article on Breach
|Market Insider publishes an article about the exploit. Market Insider reports that a hacker targeted Axie Infinity's Ronin Network, stealing $625 million worth of ether and USDC. The network is reported to have halted transactions on its Ronin Bridge and Katana Dex servers, and is working to recover or reimburse the stolen funds in collaboration with law enforcement officials, forensic cryptographers, and investors. The hack took place the previous Wednesday, with the attacker using hacked private keys to forge fake withdrawals. The native token of the Ronin network, RON, has fallen by 22% following the incident<ref name="businessinsidermarkets-7734" />.
|-
|March 30th, 2022 1:28:00 PM MDT
|Community Alert Updated
|TBD fill in with details<ref name="roninblockchainsubstack-7735" />.
|-
|March 31st, 2022 2:03:00 PM MDT
|Community Alert Updated
|TBD fill in with details<ref name="roninblockchainsubstack-7735" />.
|-
|April 2nd, 2022 3:00:00 AM MDT
|Community Alert Updated
|TBD fill in with details<ref name="roninblockchainsubstack-7735" /><ref>[https://web.archive.org/web/20230420133735/https://blog.roninchain.com/p/community-alert-ronin-validators Community Alert: Ronin Validators Compromised - Ronin Chain Blog Archive April 20th, 2023 7:37:35 AM MDT] (Apr 23, 2023)</ref>. TBD spread source around.
|-
|-
|April 2nd, 2022 8:03:00 AM MDT
|April 2nd, 2022 8:03:00 AM MDT
Line 104: Line 124:
|Phil Rosen Twitter Timeline Published
|Phil Rosen Twitter Timeline Published
|A series of analysis Tweets are published by blockchain researcher Phil Rosen. Twitter later publishes a special feature event timeline<ref name="twitterevents-7732" />.
|A series of analysis Tweets are published by blockchain researcher Phil Rosen. Twitter later publishes a special feature event timeline<ref name="twitterevents-7732" />.
|-
|April 6th, 2022 5:12:00 AM MDT
|Community Alert Updated
|A $150m USD funding round is led by Binance, with participation from Animoca Brands, a16z, Dialectic, and Paradigm. The round combined with Sky Mavis and Axie balance sheet funds, will reportedly be used to ensure that all users affected by the Ronin Validator Hack will be reimbursed. The bridge will relaunch after security upgrades are completed<ref name="roninblockchainsubstack-7735" />.
|-
|April 14th, 2022 12:00:00 PM MDT
|Community Alert Updated
|The Ronin Chain provides an update to their community. They state the FBI has now attributed the attack to the Lazarus Group, based in North Korea, and that the address receiving the stolen ethereum has now been sanctioned by the US government. They promise to deliver a full post-mortem with details of security implementations by the end of the month<ref name="roninblockchainsubstack-7735" />.
|-
|May 27th, 2022 1:54:00 AM MDT
|Community Alert Updated
|The Ronin Chain provides an update to their community. They state that they've completed an audit by the external firm Verichains, as well as an "internal" audit they conducted themselves. They are also in the process of getting an external audit from CertiK which they expect will take 15 days<ref name="roninblockchainsubstack-7735" />.
|-
|June 21st, 2022 10:54:00 AM MDT
|Community Alert Updated
|The Ronin Chain publishes an update to their community. They state that the CertiK audit is now completed and came back with only minor suggestions. They will be implementing the suggestions and are still on track to relaunch in the same month<ref name="roninblockchainsubstack-7735" />.
|-
|June 23rd, 2022 10:37:00 AM MDT
|Community Alert Updated
|The Ronin Chain published an update to their community. The post included a plan to reopen the Ronin Bridge on June 28th with all user funds returned. This includes a software update to the validation system. Validators are reportedly already instructed on how to upgrade, and non-validators are provided instructions to upgrade<ref name="roninblockchainsubstack-7735" />.
|-
|June 28th, 2022 2:19:00 AM MDT
|Community Alert Updated
|The Ronin Chain published an update to their community. They report that the Ronin hard-fork which required all validators to update their software has been successful and the Ronin Bridge is still on track to be opened today<ref name="roninblockchainsubstack-7735" />.
|}
|}


Line 145: Line 189:
<ref name="twitterevents-7732">[https://twitter.com/i/events/1510264041289179140 A hacker just stole over $600 million in crypto. Experts explain the historic swindle — and why cyberattacks shouldn't discourage adoption of digital assets. - Twitter Events] (Apr 4, 2022)</ref>
<ref name="twitterevents-7732">[https://twitter.com/i/events/1510264041289179140 A hacker just stole over $600 million in crypto. Experts explain the historic swindle — and why cyberattacks shouldn't discourage adoption of digital assets. - Twitter Events] (Apr 4, 2022)</ref>
<ref name="businessinsidermarkets-7733">[https://markets.businessinsider.com/news/currencies/axie-infinity-hack-ronin-network-crypto-adoption-eth-blockchain-2022-4 Axie Infinity Hack Shouldn't Discourage Crypto Adoption, Experts Say - Market Insider] (May 21, 2022)</ref>
<ref name="businessinsidermarkets-7733">[https://markets.businessinsider.com/news/currencies/axie-infinity-hack-ronin-network-crypto-adoption-eth-blockchain-2022-4 Axie Infinity Hack Shouldn't Discourage Crypto Adoption, Experts Say - Market Insider] (May 21, 2022)</ref>
<ref name="businessinsidermarkets-7734">[https://markets.businessinsider.com/news/currencies/crypto-hack-ronin-network-heist-cybercrime-cryptocurrency-axie-infinity-polynetwork-2022-3 One of the Largest Crypto Hacks Ever Hits Ronin Network] (May 21, 2022)</ref>
<ref name="businessinsidermarkets-7734">[https://markets.businessinsider.com/news/currencies/crypto-hack-ronin-network-heist-cybercrime-cryptocurrency-axie-infinity-polynetwork-2022-3 One of the Largest Crypto Hacks Ever Hits Ronin Network - Market Insider] (May 21, 2022)</ref>
<ref name="roninblockchainsubstack-7735">https://roninblockchain.substack.com/p/community-alert-ronin-validators (May 21, 2022)</ref>
<ref name="roninblockchainsubstack-7735">[https://roninblockchain.substack.com/p/community-alert-ronin-validators Community Alert: Ronin Validators Compromised - Ronin Chain Blog] (May 21, 2022)</ref>
<ref name="treasurydepartment-7736">[https://home.treasury.gov/policy-issues/financial-sanctions/recent-actions/20220414 North Korea Designation Update | U.S. Department of the Treasury] (May 21, 2022)</ref>
<ref name="treasurydepartment-7736">[https://home.treasury.gov/policy-issues/financial-sanctions/recent-actions/20220414 North Korea Designation Update | U.S. Department of the Treasury] (May 21, 2022)</ref>
<ref name="axiesubstack-7737">https://axie.substack.com/p/funding (May 21, 2022)</ref>
<ref name="axiesubstack-7737">https://axie.substack.com/p/funding (May 21, 2022)</ref>

Revision as of 14:05, 23 April 2023

Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' and 'General Prevention' sections to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Axie Infinity

Axie Infinity is a play-to-earn game with $4b in NFT sales. Rather than set up a proper multi-signature wallet, the keys were split between a small number of validators, and additional access was available for someone who no longer needed it. A hacker managed to gain access to 5 of the 9 keys and made off with $625m worth of Ethereum and USDC.

This is a global/international case not involving a specific country.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19]

About Axie Infinity

"Axie Infinity is a NFT-based online video game developed by Vietnamese studio Sky Mavis, which uses Ethereum-based cryptocurrency AXS (Axie Infinity Shards) and SLP (Smooth Love Potion)." The "Axie Infinity game universe filled with fascinating creatures, Axies, that players can collect as pets. Players aim to battle, breed, collect, raise, and build kingdoms for their Axies. The universe has a player-owned economy where players can truly own, buy, sell, and trade resources they earn in the game through skilled-gameplay and contributions to the ecosystem."

"There are and will be many varied games experiences for Axies. Many of them will have players compete with each other using complex strategies and tactics to attain top rankings or be rewarded with coveted resources. Others will have them complete quests, defeat bosses, and unlock in-depth storylines."

"Ronin is a blockchain protocol linked to Axie Infinity, a popular play-to-earn game with $4 billion in NFT sales that sees over 2.8 million players logging on each day."

"The developer behind @AxieInfinity built a "side chain" (the @Ronin_Network)." "The side chain had nine so-called validator nodes, which are proof-of-stake tools that confirm transactions. At least five are necessary to approve each transaction. Sky Mavis oversaw five, and Axie Decentralized Autonomous Organization controlled four. Sky Mavis said it discontinued its agreement with the DAO in December but never revoked the permissions it allowed."

"Sky Mavis’ Ronin chain currently consists of 9 validator nodes. In order to recognize a Deposit event or a Withdrawal event, five out of the nine validator signatures are needed." "[B]ack [in] November 2021 Sky Mavis requested help from the Axie DAO to distribute free transactions due to an immense user load. The Axie DAO allowlisted Sky Mavis to sign various transactions on its behalf. This was discontinued in December 2021, but the allowlist access was not revoked." "The validator key scheme is set up to be decentralized so that it limits an attack vector, similar to this one, but [there was] a backdoor through [a] gas-free RPC node, which [could be] abused to get the signature for the Axie DAO validator."

"Ronin said in a Tuesday blog post that the attacker stole roughly $625 million in crypto, draining 173,600 ether and 25.5 million USDC." "There has been a security breach on the Ronin Network. Earlier today, we discovered that on March 23rd, Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were compromised resulting in 173,600 Ethereum and 25.5M USDC drained from the Ronin bridge in two transactions (1 and 2). The attacker used hacked private keys in order to forge fake withdrawals." "The Sky Mavis team discovered the security breach on March 29th, after a report that a user was unable to withdraw 5k ETH from the bridge."

"The hacker took over four of Sky Mavis' validator nodes and one from Axie DAO, enabling access to the crypto and eventually the massive theft. Sky Mavis said it has since replaced all of its validators and is working to reimburse the stolen funds."

"The attacker used hacked private keys in order to forge fake withdrawals." "Five validator private keys were hacked; 4 Sky Mavis validators and 1 Axie DAO." "Once the attacker got access to Sky Mavis systems they were able to get the signature from the Axie DAO validator by using the gas-free RPC. We have confirmed that the signature in the malicious withdrawals match up with the five suspected validators."

Funds stolen in the crypto hack include "deposits of players and speculators and the Axie Infinity Treasury revenue," Larsen said. "The heist, which wasn't detected until almost a week after it occurred, is believed to be one of the biggest in the history of crypto and highlights the sector's immense risks."

"The easiest way to look at this is like the bridge is the bank for the Ronin Network," Larsen said. "The heist that happened took out all the ETH and USDC. So the ETH/USDC on Ronin Network is not currently backed by anything. But we are looking at other options."

"We moved swiftly to address the incident once it became known and we are actively taking steps to guard against future attacks. To prevent further short term damage, we have increased the validator threshold from five to eight. We are in touch with security teams at major exchanges and will be reaching out to all in the coming days. We are in the process of migrating our nodes, which is completely separated from our old infrastructure."

"We have temporarily paused the Ronin Bridge to ensure no further attack vectors remain open. Binance has also disabled their bridge to/from Ronin to err on the side of caution. The bridge will be opened up at a later date once we are certain no funds can be drained."

"Most of the stolen funds remain in the attacker's address, but about 6,250 ether has been transferred to a slate of other addresses." "Binance has resumed withdrawals for Axie Infinity Shards (AXS) and Smooth Love Potion (SLP)."

"We are working with law enforcement officials, forensic cryptographers, and our investors to make sure all funds are recovered or reimbursed," Ronin Network wrote. "The attacker used hacked private keys in order to forge fake withdrawals."

"Max Galka, CEO of crypto forensics firm Elementus, pointed to the lapsed DAO deal as a major oversight, noting that vulnerabilities arise when cryptocurrencies are stored in side chains rather than native blockchains." "The hacker exploited a key oversight here to drain millions in tokens, said @galka_max, CEO of @elementus_io. (@BusinessInsider)" "@galka_max pointed to the lapsed DAO deal as a major mistake, noting that vulnerabilities arise when cryptocurrencies are stored in side chains rather than native blockchains. (@BusinessInsider, @MktsInsider)" "They never removed what was meant to be a temporary measure. It was an outright error," he told Insider.

"It was pure human error," @amber_ghaddar said. "If consumers aren't protected from things like this, the industry is going to fail," she said. (@BusinessInsider)"

"It's a cybersecurity issue, not a cryptocurrency issue," @ARedbord said. "The government is calling for crypto regulation, but really what would help is a hardening of cyberdefenses, rather than focusing on crypto." (@BusinessInsider)

"Solutions could include funding for additional intelligence tools as well as more robust and pervasive cybersecurity networks, @trmlabs said. @amber_ghaddar added that educational outreach could be beneficial too. (@BusinessInsider)"

"We need to focus on building out a trust layer in the crypto economy—anti-money laundering infrastructure, compliance controls, cybersecurity—so that people will interact with this new online financial system," @ARedbord said.

"Sky Mavis announced a 150 million USD funding round led by Binance with participation from Animoca Brands, a16z, Dialectic, Paradigm. The round combined with Sky Mavis and Axie balance sheet funds, will be used to ensure that all users affected by the Ronin Validator Hack will be reimbursed. The Ronin Network bridge will open once it has undergone a security upgrade and several audits, which can take several weeks. Sky Mavis is in the process of implementing rigorous internal security measures to prevent future attacks."

"The 56,000 ETH compromised from the Axie DAO treasury will remain undercollateralized as Sky Mavis works with law enforcement to recover the funds. If the funds are not fully recovered within two years, the Axie DAO will vote on next steps for the treasury. We believe that Axie will go down in history as the first game to imbue players with true digital property rights and recent events have only strengthened this conviction."

"Moving forward, the [multisig] threshold will be eight out of nine. We will be expanding the validator set over time, on an expedited timeline."

"The last 8 days have been the hardest stretch of our four-year journey. Thank you for your bravery, kindness, prayers, and words of support. You’ve been a constant source of energy and inspiration for us as we’ve worked tirelessly to resolve the Ronin breach."

"Binance, the world's largest cryptocurrency exchange, has recovered nearly $6 million from a North Korean group suspected to be behind a $620 million hack of the popular play-to-earn game Axie Infinity."

"The DPRK hacking group started to move their Axie Infinity stolen funds today. Part of it made to Binance, spread across over 86 accounts. $5.8M has been recovered," he wrote, referring to the Democratic People's Republic of Korea.

This is a global/international case not involving a specific country.

The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.

Include:

  • Known history of when and how the service was started.
  • What problems does the company or service claim to solve?
  • What marketing materials were used by the firm or business?
  • Audits performed, and excerpts that may have been included.
  • Business registration documents shown (fake or legitimate).
  • How were people recruited to participate?
  • Public warnings and announcements prior to the event.

Don't Include:

  • Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
  • Anything that wasn't reasonably knowable at the time of the event.

There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - Axie Infinity Ronin Bridge Unauthorized Treasury Access
Date Event Description
March 23rd, 2022 7:29:09 AM MDT Main Event Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.
March 29th, 2022 10:29:00 AM MDT Community Alert Posted The Ronin Chain publishes a community alert. They reportedly became aware of the exploit that same day after a user reported that they were unable to withdraw 5,000 ethereum from the vault[1]. TBD more details needed.
March 29th, 2022 12:41:00 PM MDT Market Insider Article on Breach Market Insider publishes an article about the exploit. Market Insider reports that a hacker targeted Axie Infinity's Ronin Network, stealing $625 million worth of ether and USDC. The network is reported to have halted transactions on its Ronin Bridge and Katana Dex servers, and is working to recover or reimburse the stolen funds in collaboration with law enforcement officials, forensic cryptographers, and investors. The hack took place the previous Wednesday, with the attacker using hacked private keys to forge fake withdrawals. The native token of the Ronin network, RON, has fallen by 22% following the incident[20].
March 30th, 2022 1:28:00 PM MDT Community Alert Updated TBD fill in with details[1].
March 31st, 2022 2:03:00 PM MDT Community Alert Updated TBD fill in with details[1].
April 2nd, 2022 3:00:00 AM MDT Community Alert Updated TBD fill in with details[1][21]. TBD spread source around.
April 2nd, 2022 8:03:00 AM MDT Market Insider Article Published Market Insider publishes an article about the exploit, and that it shouldn't stop adoption[22]. TBD expand with more details.
April 2nd, 2022 8:21:00 AM MDT Phil Rosen Twitter Timeline Published A series of analysis Tweets are published by blockchain researcher Phil Rosen. Twitter later publishes a special feature event timeline[23].
April 6th, 2022 5:12:00 AM MDT Community Alert Updated A $150m USD funding round is led by Binance, with participation from Animoca Brands, a16z, Dialectic, and Paradigm. The round combined with Sky Mavis and Axie balance sheet funds, will reportedly be used to ensure that all users affected by the Ronin Validator Hack will be reimbursed. The bridge will relaunch after security upgrades are completed[1].
April 14th, 2022 12:00:00 PM MDT Community Alert Updated The Ronin Chain provides an update to their community. They state the FBI has now attributed the attack to the Lazarus Group, based in North Korea, and that the address receiving the stolen ethereum has now been sanctioned by the US government. They promise to deliver a full post-mortem with details of security implementations by the end of the month[1].
May 27th, 2022 1:54:00 AM MDT Community Alert Updated The Ronin Chain provides an update to their community. They state that they've completed an audit by the external firm Verichains, as well as an "internal" audit they conducted themselves. They are also in the process of getting an external audit from CertiK which they expect will take 15 days[1].
June 21st, 2022 10:54:00 AM MDT Community Alert Updated The Ronin Chain publishes an update to their community. They state that the CertiK audit is now completed and came back with only minor suggestions. They will be implementing the suggestions and are still on track to relaunch in the same month[1].
June 23rd, 2022 10:37:00 AM MDT Community Alert Updated The Ronin Chain published an update to their community. The post included a plan to reopen the Ronin Bridge on June 28th with all user funds returned. This includes a software update to the validation system. Validators are reportedly already instructed on how to upgrade, and non-validators are provided instructions to upgrade[1].
June 28th, 2022 2:19:00 AM MDT Community Alert Updated The Ronin Chain published an update to their community. They report that the Ronin hard-fork which required all validators to update their software has been successful and the Ronin Bridge is still on track to be opened today[1].

Total Amount Lost

The total amount lost has been estimated at $625,000,000 USD.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Total Amount Recovered

The total amount recovered has been estimated at $5,800,000 USD.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

General Prevention Policies

A proper multi-signature storage has all keys offline and held by separate individuals. To store all funds in a hot wallet setup, with limited independence between the validators is significantly less secure, as was demonstrated here.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. 1.00 1.01 1.02 1.03 1.04 1.05 1.06 1.07 1.08 1.09 1.10 Community Alert: Ronin Validators Compromised - Ronin Chain Blog (May 21, 2022)
  2. North Korea Designation Update | U.S. Department of the Treasury (May 21, 2022)
  3. https://axie.substack.com/p/funding (May 21, 2022)
  4. https://etherscan.io/tx/0xc28fad5e8d5e0ce6a2eaf67b6687be5d58113e16be590824d6cfa1a94467d0b7 (May 21, 2022)
  5. https://etherscan.io/tx/0xed2c72ef1a552ddaec6dd1f5cddf0b59a8f37f82bdda5257d9c7c37db7bb9b08 (May 21, 2022)
  6. https://etherscan.io/address/0x098b716b8aaf21512996dc57eb0615e2383e2f96 (May 21, 2022)
  7. Victims of $600 Million Crypto Heist Will Be Reimbursed: Report (May 21, 2022)
  8. Binance Seizes $5.8 Million From $620 Million Axie Infinity Hack (May 21, 2022)
  9. @cz_binance Twitter (May 21, 2022)
  10. @philrosenn Twitter (May 21, 2022)
  11. Axie Infinity - Wikipedia (May 21, 2022)
  12. https://axieinfinity.com/ (May 21, 2022)
  13. Axie Infinity - Axie Infinity (May 21, 2022)
  14. Trezor Issues Data Breach Warning As Users Cite Phishing Attacks (May 21, 2022)
  15. The LUNA and UST crash — WTF happened? Will they recover? | The Market Report - YouTube (Jun 18, 2022)
  16. The LUNA and UST crash — WTF happened? Will they recover? | The Market Report - YouTube (Jun 20, 2022)
  17. Bored Ape Yacht Club Instagram, Discord Hacked, NFTs Worth $13.7 Million Stolen | Technology News (Jun 20, 2022)
  18. The Crypto World Is on Edge After a String of Hacks - The New York Times (Nov 30, 2022)
  19. How North Korea Used Crypto to Hack Its Way Through the Pandemic - The New York Times (Nov 30, 2022)
  20. One of the Largest Crypto Hacks Ever Hits Ronin Network - Market Insider (May 21, 2022)
  21. Community Alert: Ronin Validators Compromised - Ronin Chain Blog Archive April 20th, 2023 7:37:35 AM MDT (Apr 23, 2023)
  22. Axie Infinity Hack Shouldn't Discourage Crypto Adoption, Experts Say - Market Insider (May 21, 2022)
  23. A hacker just stole over $600 million in crypto. Experts explain the historic swindle — and why cyberattacks shouldn't discourage adoption of digital assets. - Twitter Events (Apr 4, 2022)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Axie_Infinity_Ronin_Bridge_Unauthorized_Treasury_Access&oldid=3528"