Investigators are on the trail of hackers who spirited away more than US$600 million in cryptocurrency last week, watching the money as it moves around a system that critics call the Wild West of finance.
But they are playing catch-up: the gaming company that got scammed apparently did not even notice for six days.
The hack is one of the biggest to hit the crypto world, raising huge questions about security in an industry that only recently burst into the mainstream thanks to celebrity promotions and promises of untold wealth.
Photo: REUTERS
The sector has been beset by scams and hacks.
This week’s theft from the makers of Axie Infinity, a game where players can earn crypto through game play or trading their avatars, came just weeks after thieves made off with around US$320 million in a similar attack.
“We are seeing more hacks because there is more money in blockchain,” said Roman Bieda of Coinfirm, a crypto security company, referring to the technology that underpins cryptocurrencies.
Photo: Bloomberg
The industry should have learned the lessons from previous attacks but security was still being sacrificed for profit, he added, labelling Axie’s failure to notice the hack a “huge deficiency.”
REFUNDS PROMISED
The Axie Infinity attackers exploited weaknesses in the set-up put in place by the Vietnam-based firm behind the game, Sky Mavis.
The company had to solve a problem: the ethereum blockchain, where transactions in the ether cryptocurrency are logged, is relatively slow and expensive to use.
To allow Axie Infinity players to buy and sell at speed, the firm created an in-game currency and a sidechain with a bridge to the main ethereum blockchain.
The result was faster and cheaper — but ultimately less secure.
Hackers were able to take over the sidechain and empty its coffers apparently without anyone realizing, something experts say would be all but impossible on the ethereum blockchain.
The firm said it would recover or reimburse the funds, easing the anxiety of gamers — particularly in the Philippines where hundreds of thousands play Axie Infinity.
“Some of the Philippine community right now are going crazy because of what happened,” said Dominic Lumabi, a gamer from Manila.
Some feared the game would close and money would be lost, he said, adding that he was relieved Sky Mavis was being transparent.
But the firm faces a tough challenge to get the money back.
‘CONSTANT BATTLE’
Security firms are monitoring the stolen money as it moves through various wallets, as accounts are called in the crypto-world.
Blockchain data platform Chainalysis is helping Sky Mavis track the money, and Elliptic said it was investigating and alerting its clients.
Bieda from Coinfirm said that sooner or later the perpetrators would be traced.
“The bigger the amount, the harder it is to hide,” he said.
But even though investigators can see where the money is, there are tricks the thieves can use.
They can employ software that mixes the stolen money with legitimate streams, use exchanges with lax rules, or move their funds to a jurisdiction with no rules at all such as North Korea or Russia.
Any of those moves makes it much easier to transfer the cryptocurrency into everyday, spendable cash.
It is a “constant battle” between the thieves and those trying to stop them, said Bieda.
“Adoption (of cryptocurrency) is growing, more protocols and more solutions are created, but the pursuit of cheap transactions and profit means the industry sometimes... forgets about security.”
June 2 to June 8 Taiwan’s woodcutters believe that if they see even one speck of red in their cooked rice, no matter how small, an accident is going to happen. Peng Chin-tian (彭錦田) swears that this has proven to be true at every stop during his decades-long career in the logging industry. Along with mining, timber harvesting was once considered the most dangerous profession in Taiwan. Not only were mishaps common during all stages of processing, it was difficult to transport the injured to get medical treatment. Many died during the arduous journey. Peng recounts some of his accidents in
What does the Taiwan People’s Party (TPP) in the Huang Kuo-chang (黃國昌) era stand for? What sets it apart from their allies, the Chinese Nationalist Party (KMT)? With some shifts in tone and emphasis, the KMT’s stances have not changed significantly since the late 2000s and the era of former president Ma Ying-jeou (馬英九). The Democratic Progressive Party’s (DPP) current platform formed in the mid-2010s under the guidance of Tsai Ing-wen (蔡英文), and current President William Lai (賴清德) campaigned on continuity. Though their ideological stances may be a bit stale, they have the advantage of being broadly understood by the voters.
Artifacts found at archeological sites in France and Spain along the Bay of Biscay shoreline show that humans have been crafting tools from whale bones since more than 20,000 years ago, illustrating anew the resourcefulness of prehistoric people. The tools, primarily hunting implements such as projectile points, were fashioned from the bones of at least five species of large whales, the researchers said. Bones from sperm whales were the most abundant, followed by fin whales, gray whales, right or bowhead whales — two species indistinguishable with the analytical method used in the study — and blue whales. With seafaring capabilities by humans
In a high-rise office building in Taipei’s government district, the primary agency for maintaining links to Thailand’s 108 Yunnan villages — which are home to a population of around 200,000 descendants of the Chinese Nationalist Party (KMT) armies stranded in Thailand following the Chinese Civil War — is the Overseas Community Affairs Council (OCAC). Established in China in 1926, the OCAC was born of a mandate to support Chinese education, culture and economic development in far flung Chinese diaspora communities, which, especially in southeast Asia, had underwritten the military insurgencies against the Qing Dynasty that led to the founding of
RSS