As I mentioned a couple of weeks ago, I thought I would dig into the cybersecurity element of blockchain. The big deal here, obviously, is the hack of Axie Infinity in March that netted the hackers over 600 million USD in then-current value. But how was Axie Infinity hacked when blockchain is supposed to be a secure method for storing interactions?
There are a few ways that a blockchain can be hacked. To understand how, I first have to explain the nodes in a blockchain. These nodes reproduce whenever a new device is added to the blockchain and contain smart contracts, which allow the blockchain to confirm whether a new transaction meets the criteria of legitimacy needed to be added to the blockchain. In order for a new transaction to be added, a majority of the nodes must agree to the addition. This gives rise to 51% attacks.
A 51% attack occurs when a hacker takes control of a majority of the nodes and creates a forked branch of the blockchain that can be controlled by the hackers. This is most likely to happen for new or small blockchains and was not the method used by the hackers of Axie Infinity.
Another method that hackers can use to access blockchains is a traditional phishing exercise in which they convince a user to click on a malicious link and thus steal the login details of that user's crypto wallet. The wallet is the most vulnerable aspect of cryptocurrency, as it exists as a linked digital space outside the blockchain and is subject to the same vulnerabilities that a traditional stock portfolio would experience.
The third method is attacking a weakness in the smart contracts that govern activity on the blockchain. This is how the hackers managed to break into Axie Infinity’s blockchain holdings: by manipulating a weakness on the Ronin Bridge sidechain, which was developed by Sky Mavis exclusively to operate Axie Infinity on the Ethereum blockchain. A sidechain is essentially an authorized fork that allows a different smart contract to control the sidechain than the ones used on the main chain.
Specifically, the weakness let the hackers access validation nodes in the sidechain, which allowed them to imitate legitimate transactions in their own favor.
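The majority rule described above, and why control of validator keys is what matters, as an added sketch in Python (not code from Axie Infinity, Sky Mavis or any real blockchain). It assumes five hypothetical validators and uses HMAC as a stand-in for real digital signatures; all names, keys and custody layouts are constructed.

```python
import hashlib
import hmac

def sign(key: bytes, tx: bytes) -> str:
    # HMAC stands in for a validator's digital signature (assumption for this sketch).
    return hmac.new(key, tx, hashlib.sha256).hexdigest()

def valid_approvers(tx, approvals, keys):
    """Return the set of distinct known validators whose approval verifies."""
    ok = set()
    for validator, tag in approvals:
        key = keys.get(validator)
        if key is not None and hmac.compare_digest(tag, sign(key, tx)):
            ok.add(validator)  # a set, so repeated approvals count once
    return ok

def is_accepted(tx, approvals, keys):
    """Accept only when a strict majority of all validators approved."""
    return len(valid_approvers(tx, approvals, keys)) * 2 > len(keys)

def custodians_for_majority(custody):
    """Smallest number of key custodians whose compromise yields a majority.

    custody maps validator -> the party that holds its key.
    """
    counts = {}
    for holder in custody.values():
        counts[holder] = counts.get(holder, 0) + 1
    held, needed = 0, 0
    for c in sorted(counts.values(), reverse=True):
        held, needed = held + c, needed + 1
        if held * 2 > len(custody):
            break
    return needed

# Constructed sample data: five hypothetical validators and their keys.
KEYS = {f"v{i}": f"demo-key-{i}".encode() for i in range(1, 6)}
TX = b"transfer 10 from alice to bob"

def approvals_from(validators, tx=TX):
    return [(v, sign(KEYS[v], tx)) for v in validators]

# Constructed custody layouts: one party holding three keys vs. one key each.
CONCENTRATED = {"v1": "opA", "v2": "opA", "v3": "opA", "v4": "opB", "v5": "opC"}
SPREAD = {"v1": "opA", "v2": "opB", "v3": "opC", "v4": "opD", "v5": "opE"}
```

Approvals made with a majority of the real keys pass `is_accepted` regardless of who produced them, so the figure to audit is `custodians_for_majority`: the lower it is, the fewer parties stand between an attacker and a majority.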
According to techtarget.com, the value of the theft was 620 million USD worth of Ethereum and USD Coin. Despite this amount, the actual value of the theft has dropped considerably as a result of recent losses in cryptocurrency value.
Soon after the theft was announced, the US Federal Bureau of Investigation announced that the hack was instigated by APT38 and the Lazarus Group, both state-sponsored hacking units based in North Korea. According to the same article, North Korea uses the hacking activities of these and other groups to further its missile and nuclear activities. North Korea has reached a level of sophistication that ranks it with Russia, Iran, and China as one of the four biggest state-sponsored hacking actors.
But for a country like Vietnam, which consistently ranks at the top of cryptocurrency and NFT adoption surveys, how can it protect those interests from the likes of the Lazarus Group and other nation-state hackers?
Unfortunately, aside from adopting basic cybersecurity procedures to protect crypto wallets, there is little an average crypto user can do. It is worth noting that two multi-million-dollar heists in the last two years resulted from a hacked crypto wallet password. It is also worth noting that the majority of North Korea’s hacking activities take the form of targeted phishing. That means that separating your wallet from your internet access could be a useful preventive measure, as is developing the habit of not clicking on suspicious links or on links from strangers.
While I am not a cybersecurity specialist, I do understand that hackers operating in the big four countries are all but immune to legal consequences as they are protected by their governments. Even if it were possible to bring one of these hackers to justice, the problem of jurisdiction remains. Neither Russia nor China is likely to deport a hacker who works to fund their state activities to a third country to face criminal charges.
And the likelihood of the situation improving remains minimal. Without any international framework to govern blockchain and cryptocurrency, and given that most cryptocurrencies are decentralized and do not have an actual legal entity behind them, there is nothing that can be done to retrieve stolen funds. Thus, the importance of preventative measures rises to the forefront, and researching crypto wallets and exchanges before buying or storing funds of any kind is strongly suggested.