Ronin Bridge on Axie Infinity Hacked for $612 Million (News Brief)

By kev_nag | kev_nag | 29 Mar 2022


Pursuant to announcements on Axie Infinity’s Discord page and Ronin’s official Twitter account, the Ronin Bridge and Katana Dex were hacked for 173,600 ETH and 25,500,000 USDC.

20220329 2.png
Photo Source

In a statement by Ronin:

We are working with law enforcement officials, forensic cryptographers, and our investors to make sure all funds are recovered or reimbursed. All of the AXS, RON, and SLP on Ronin are safe right now.

[Ronin Network. Community Alert: Ronin Validators Compromised. (Accessed March 29, 2022)].

As reported by Cointelegraph:

As told by Ronin developers, the attacker used hacked private keys in order to forge fake withdrawals, draining the funds from the Ronin bridge in just two transactions. More importantly, the hack occurred on March 23 but was only discovered on Tuesday after a user allegedly uncovered issues after failing to withdraw 5,000 in ETH from the Ronin bridge…Sky Mavis’ Ronin chain currently consists of nine validator nodes, of which at least five signatures are needed to recognize a deposit or withdrawal event. The attacker managed to gain control over five private keys, consisting of Sky Mavis’s four Ronin validators and a third-party validator run by Axie Decentralized Autonomous Organization, or DAO.

[Sun, Z. Axie Infinity’s Ronin bridge hacked for over $600M. (Accessed March 29, 2022)].

Once learning of the attack, Ronin took the following six steps:

  • We moved swiftly to address the incident once it became known and we are actively taking steps to guard against future attacks. To prevent further short term damage, we have increased the validator threshold from five to eight.
  • We are in touch with security teams at major exchanges and will be reaching out to all in the coming days.
  • We are in the process of migrating our nodes, which is completely separated from our old infrastructure.
  • We have temporarily paused the Ronin Bridge to ensure no further attack vectors remain open. Binance has also disabled their bridge to/from Ronin to err on the side of caution. The bridge will be opened up at a later date once we are certain no funds can be drained.
  • We have temporarily disabled Katana DEX to due to the inability to arbitrage and deposit more funds to Ronin Network.
  • We are working with Chainalysis to monitor the stolen funds.

[Ronin Network. Supra].

Ronin further reports: “ETH and USDC deposits on Ronin have been drained from the bridge contract. We are working with law enforcement officials, forensic cryptographers, and our investors to make sure there is no loss of user funds. This is our top priority right now. All of the AXS, RON, and SLP on Ronin are safe right now” [Id].

Presently it appears that most of the funds remain within the attacker’s wallet: (https://etherscan.io/address/0x098b716b8aaf21512996dc57eb0615e2383e2f96).

Posted Using LeoFinance Beta

How do you rate this article?


13

1

kev_nag
kev_nag

Just an ordinary casual crypto investor.


kev_nag
kev_nag

Retired, finally. I enjoy learning about crypto and sharing my discoveries. Also, I follow the News closely and enjoy discussing current events. I have no political agenda, but advance views based in reality with a slant toward real world consequences.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.