If you think your fund is safe, think again! Where you think is safe might not be different than other places. Today I am sharing my direct experience with AXS staked at staking.axieinfinity.com. I woke up a morning and the staked AXS was "0"!!!
Axie Infinity launched AXS staking in Q3 this year with an attractive yield around 120% APY at the time of writing this. AXS has become one of the most popular tokens in many Exchanges, and the price is on the way up. In order to stake AXS, we need to have Ronin wallet as a passport to Axie Infinity world. However Ronin had not yet supported mobile version at the time I began to stake AXS, so I needed to install on PC.
It had been going well for a month, and the yield was so lovely that I decided to top up my investment. However I found out in a morning that my fund was all gone. Yes, completely gone! I was so confused and reported Skymarvis immediately of the incident, but still got no response from them and it's been more than 72 hours. More or less anyone would be nervous, and try to do something rather than just wait, right? So I started to investigate by myself on Ronin Explorer. I put in the wallet address to check through all transactions in the past. Surprisingly I found 3 latest transactions that I didn't do by myself.
- transfer from my wallet to another
The thief claimed all my reward and unstaked everything, no leftover, before transferring to another account. This is obviously a crime that I hope the development team would take this seriously and treat money lost as the first priority as it is also the credibility of the platform too. If you act fast, tracing will not be difficult, but the longer you let the time flies, the less the chance to get back the fund and allow the criminal to keep doing unethical activities. Picture here is the suspect's account that my AXS was finally transferred to.
From the incident, I tried to recap what I had done that might put my wallet at risk, but it's just the transfer from Binance to Ronin back and forth, and using Ronin on PC Chrome. Is it possibly a transaction phishing, or PC hack? But whatever it is, I question the security of the platform I staked too.
The question you'll be asked all the time is "Did you give out your seed phrase to anyone?" Um...well, I'm not stupid, alright? My point is there might be some online activities or behaviors that we don't even realize that we are putting ourselves at risk, or we are targetted by scammers. There are a lot of people like me out there and I don't put all blames on them. Of course one has to learn how to secure themselves online. But the platform, in this case SkyMarvis, the Axie developer, should also react fast, and fix the hole. Well, it's over 72 hours without their response, which is unforgivable ignorance. There are also a lot of people crying out in Reddit, Twitter, Discord, etc. that they didn't get any response or action on time against the robbery.
Most platforms got the same excuse that they could not handle traffic on support, and loaded tons of articles for users to help themselves. Well, I think I have done my part to investigate and report. What else can I do?
So now what? I think I'll just go shopping for hardware wallet. If you don't lose $10000, you won't get $30 hardware wallet, will ya?
Tip me if you think the platform should also be resposible for the stolen AXS.