From: thepipeline_xyz
Overview of Axie and Sky Mavis
Axie is a popular game developed by Sky Mavis, which is believed to be the parent company of the blockchain company Ronin [00:00:04]. The game operates on the Ronin blockchain [00:00:00], [00:00:02].
The Ronin Bridge Hack
The Ronin blockchain, which hosts Axie, experienced a significant security breach. An engineer was compromised after being “fished” with a job offer, leading them to click an executable [00:00:10], [00:00:13], [00:00:18].
Exploitation of Multi-Signature System
A critical point of failure was that the compromised device of one Sky Mavis employee gained access to four keys of a multi-signature system [00:00:20]. A multi-signature (multi-sig) is a system that requires multiple keys to unlock, similar to a door needing many keys [00:00:28]. In this case, five out of nine keys were required to unlock it [00:00:34], [00:00:37].
Through social engineering, the attackers obtained four of these keys [00:00:41]. They then performed “lateral movement,” shifting from the initially compromised device to another to acquire an additional key [00:00:44], [00:00:47], [00:00:48]. This gave them all five necessary keys [00:00:50], [00:00:52].
Aftermath
The breach, stemming from a seemingly innocuous office email, resulted in damages of approximately half a billion dollars [00:01:00], [00:01:02]. It is considered potentially the largest hack in history [00:00:56], [00:00:58].