Under a “zero trust” approach, Sky Mavis assumes that it is an entity under constant risk of attack, so it will implement new protocols and security measures to shield all its products, services and processes.
***
Sky Mavis, the company that created the popular play-to-earn game Axie Infinity, indicated that it will adopt a new approach to become a “Zero-Trust Organization,” for which it will implement measures aimed at addressing all vulnerabilities and taking nothing for granted, in order to avoid going through another attack.
A change of focus for Sky Mavis
This was indicated by Sky Mavis in a statement published today, where it presented a review and audit of the events that led to the theft of about $600 million in cryptocurrencies from the Ronin network. There, the team indicated that it will adopt a posture of constantly looking for new threats to its security, and will therefore implement a series of operational changes to safeguard every front on which the company operates.
In this regard, the report reads:
“Our goal is to become a totally anti-fragile, zero-confidence organization. Under this concept, we adopt a framework in which it is assumed that Sky Mavis will always be at risk from external and/or internal threats.”
And they add:
“This security breach served as a reminder that no company is immune to external threats. Cryptocurrency theft is on the rise and the purpose of this postmortem is to play a small role in keeping the entire industry safer. We hope this information can serve as a guide to other companies that could be subject to such an attack.”
The measures to be implemented
After presenting a chronicle of the events associated with the attack of which they were victims, the Sky Mavis team presented a brief list of the new goals they are going to work on in order to carry out the change of focus mentioned above.
In that regard, the following aspects stand out:
- Ongoing work with security experts: Among the companies with which commercial agreements have already been reached are CrowdStrike and Polaris Infosec, which will conduct regular internal surveillance and forensic analysis. There will also be other companies, but information about them was not disclosed to prevent them from being targeted.
- Increase in the number of validator nodes for Ronin: Previously only nine nodes were managed, but the long-term goal is to bring this figure to about 100.
- Implementation of stricter internal procedures: Every security area considered within the company, including internal procedures, will be regularly inspected. There will be new protocols for employees, as well as training courses and mechanisms of action to avoid vulnerabilities.
- Constant audits: All code will be periodically analyzed to detect gaps that can be exploited by attackers, in order to correct them and shield the network.
- Launch of bug bounty program: A bounty program will now be open for community members to find bugs and code gaps in the products and services of Mavis Hub. Those who find vulnerabilities will be eligible for rewards ranging up to a maximum of USD $1 million, precisely to encourage active participation among those interested in the project’s success.
The attack against the Ronin network
As many of you probably already know, at the end of last March, the Ronin network was the victim of an attack that resulted in the theft of about $600 million in various tokens. The vulnerability did not compromise users’ funds, but it became evident when people tried to exchange cryptocurrencies to move them in and out of the network, as the transactions were not processed due to a lack of funds held on the corresponding bridge.
The investigation revealed that the attackers took control of the majority of validator nodes (5/9), thereby authorizing the exit of 173,600 ETH and some $25.5 million in USDC tokens, all of this through the bridge connected to the Ethereum network. According to reports, several of the addresses were associated with the Lazarus Group, a hacker organization from North Korea that is believed to be responsible for the events.
In a subsequent round of funding, a number of entities granted funds to Sky Mavis to deal with what happened. These include Binance, the exchange founded and run by Changpeng Zhao (CZ), which made a $150 million contribution to support the stricken company.
Among other facts, the Binance team also reported that it was able to freeze some $5.8 million of the funds originally stolen.
- Sky Mavis, makers of Axie Infinity, raise $150 million to compensate hacking victims
- OFAC points to four crypto addresses linked to Ronin network hack and associates them with Lazarus hacking group
- CEO of Binance, CZ, says that the exchange seized USD $5.8 million from Axie hackers
Source: TheBlockCrypto, Sky Mavis report
Version by Angel Di Matteo / DiarioBitcoin
Image from Unsplash