The crypto community is shaken as it sees one of the largest crypto heists in history. Ronin network, the Ethereum sidechain for NFT game Axie Infinity, suffers an exploit of over $600M which was discovered only 6 days after the hack attack.
- 173,600 ETH and 25.5M USDC were stolen from the Ronin Bridge.
- The hacker compromised five of the nine validator nodes to withdraw funds.
- The network is working with law enforcement officials, forensic cryptographers to recover the funds.
The hacker stole 173,600 ETH, nearly $600 million, and 25.5 million USDC stablecoin ($25.5 million) in two transactions, adding up to about $625 million worth of crypto funds at the time of writing.
The Ronin Bridge has been temporarily suspended to guarantee that no other attack routes remain open. This means that the users will not be able to deposit and withdraw funds from the company’s blockchain for an unspecified period of time.
According to a community alert from the Ronin bridge network, the exploit took place on March 23rd but was only found out on March 29th. It is literally unbelievable that such a big hack event got unnoticed for 6 days just like that.
On March 29th, a user reported being unable to withdraw 5,000 ETH worth $17 million from the network, prompting the platform to investigate. That’s how the whole heist got uncovered.
In order to forge false withdrawals, the attacker exploited hacked private keys. According to Sky Mavis, Axie Infinity’s developer, the Ronin hack was made possible in part by a shortcut taken by the firm in November, of last year, to relieve an immense user load in its network.
The system was halted in December, but the permissions that made it possible were not revoked. The attacker compromised four of Sky Mavis’ own nodes in addition to gaining access to one controlled by the community-owned Axie DAO.
This way the hacker could easily override any transaction security, and withdraw any funds they wanted after compromising five of the nine validator nodes. The team has confirmed that the signature in the false withdrawals matches with the five suspected validators.
A portion of the stolen funds are already moved to crypto exchanges such as FTX, Crypto.com etc. But still the majority of the hacked amount from Ronin bridge is sitting in the hacker’s address. FTX CEO Sam Bankman Fried, stated the exchange is investigating and will take action when required.
The Ronin team has since raised the validator threshold from five to eight to prevent more damage. They have reached out to security teams at major exchanges and blockchain analytics firm Chainalysis for assistance.
Right now, the team is in the process of transferring their nodes to a new infrastructure that’s completely different from the previous one.
Binance has also deactivated their Ronin-to-Binance bridge to be on the safe side. The bridge will be reopened after it is assured that no funds will be drained. Binance CEO Changpeng Zhao tweeted saying they are providing support to track this issue.
The Ronin team also has temporarily deactivated Katana DEX, which runs on the Ronin bridge. Right now, all of the AXS, RON, and SLP on Ronin are secure as per the team’s statement.
To ensure that all funds are recovered or reimbursed, Ronin network is working with law enforcement officials, forensic cryptographers, and investors.
Crypto hackers have zero chill as they continue to find loopholes in various networks and try to benefit big time out of it. Just in February, Cross-chain token bridge Wormhole was compromised for about 120,000 wETH, approximately $321M from its platform. The Wormhole team then contacted the hacker via an Ethereum address to return funds and offered $10M worth of bug bounty.