Expensive crypto hacks are becoming part of web3 life

moneycontrol.com:

A popular blockchain game called Axie Infinity has suffered what could well be the biggest security breach in the history of decentralised finance.

Hackers forged withdrawals last week from the game’s Ronin Network, which lost approximately $615 million, and said it was working with law enforcement to recover the funds and reimburse players, many of whom had to pay hundreds of dollars up front to play. It’s unclear how many were affected. It’s also postponing the launch of a similar play-to-earn game. The incident points to a mounting challenge for web3, the catchall term describing digital services built on blockchain technology. A growing list of breaches that stem in part from errors in writing web3 code is upending one of the great promises of blockchain — enhanced security — and holding back the technology’s progress toward mainstream acceptance.

Last August, hackers stole more than $600 million from a blockchain programme called Poly Network. Then in February, around $320 million was stolen from a so-called bridge that allowed people to transfer crypto assets between two popular blockchain networks, Solana and Ethereum. In both cases, most, if not all, funds were restored to the original holders. But DeFi, or the passel of blockchain networks trying to serve as an alternative to traditional financial systems, has become an attractive target for hackers thanks to the billions of dollars locked up in various applications that are also largely run autonomously. (Money stolen in the latest hack had not moved from the wallet of the attackers at the time of writing.)

The amounts lost through hacks of DeFi projects more than doubled in 2021, according to cryptocurrency security firm CertiK. A timeline on security website