Axie Infinity's Ronin Bridge Hacked for Over $620M
The Ronin Network has been hacked, with 173,600 Ethereum and 25.5 million USDC taken in an exploit of the Ronin Bridge.
According to Axie Infinity's official Discord and Ronin Network's official Twitter thread, as well as its Substack website, the Ronin bridge and Katana Dex have been halted after an exploit for 173,600 Ethereum (ETH) and 25.5 million USD Coin (USDC), worth a combined $612 million at Tuesday's pricing. The team stated they are:
"Currently working with law enforcement officials, forensic cryptographers and our investors to make sure that all funds are recovered or reimbursed. All of the AXS, RON and SLP [tokens] on Ronin are safe right now."
According to Ronin developers, the attacker used compromised private keys to forge fake withdrawals, emptying the funds from the Ronin bridge in just two transactions. More significantly, the attack happened on March 23, but it was only detected on Tuesday, when a user allegedly discovered issues after failing to withdraw $5,000 in ETH from the Ronin bridge. $RON, Ronin's primary governance token, has dropped over 21% in the last hour to $1.80 at the time of posting.
Sky Mavis's Ronin chain presently has nine validator nodes, and a deposit or withdrawal event requires at least five signatures to be recognized. The five private keys obtained by the attacker were those of Sky Mavis's four Ronin validators and a third-party validator run by the Axie Decentralized Autonomous Organization, or DAO. It took a long time to obtain unauthorized access to the latter.
Sky Mavis, the creator of the Axie Infinity and Ronin ecosystems, approached the Axie DAO in November, requesting assistance in distributing free transactions due to an increase in the number of users. The Axie DAO whitelisted Sky Mavis to sign transactions on its behalf. The process was ended in December, but the whitelist access was not revoked.
The attacker secured the last signature from the Axie DAO validator after gaining access to Sky Mavis systems, completing the node threshold required for the illicit siphoning of funds from Ronin. The majority of the hacked assets are still in the attacker's wallet at the time of writing.
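The quorum arithmetic described above, as an added example that is not from the article or from Sky Mavis: a Python audit that counts how many validator keys each operator can cause to sign, including delegated signing rights, and flags delegations left in place after the need ended. The operator labels other than Sky Mavis and Axie DAO, the validator ids and the record layout are assumptions.

```python
# Constructed model of the validator set described above: nine validators,
# five signatures required. Labels other than "Sky Mavis" and "Axie DAO"
# are placeholders; the article does not name the other operators.
THRESHOLD = 5
VALIDATORS = {
    "v1": "Sky Mavis", "v2": "Sky Mavis", "v3": "Sky Mavis", "v4": "Sky Mavis",
    "v5": "Axie DAO",
    "v6": "operator-A", "v7": "operator-B", "v8": "operator-C", "v9": "operator-D",
}
# Delegated signing rights (assumed record layout):
# validator, operator allowed to sign through it, whether the need has ended.
DELEGATIONS = [
    {"validator": "v5", "delegate": "Sky Mavis", "need_ended": True},
]


def effective_control(validators, delegations):
    """Map each operator to the validator keys it can cause to sign:
    keys it runs itself plus keys it can reach through a delegation."""
    control = {}
    for vid, operator in validators.items():
        control.setdefault(operator, set()).add(vid)
    for d in delegations:
        control.setdefault(d["delegate"], set()).add(d["validator"])
    return control


def audit(validators, delegations, threshold):
    """Return findings for operators whose compromise alone meets the
    threshold, and for delegations left in place after the need ended."""
    findings = []
    control = effective_control(validators, delegations)
    for operator in sorted(control):
        if len(control[operator]) >= threshold:
            findings.append(("single-operator-quorum", operator, len(control[operator])))
    for d in delegations:
        if d["need_ended"]:
            findings.append(("stale-delegation", d["validator"], d["delegate"]))
    return findings


if __name__ == "__main__":
    for finding in audit(VALIDATORS, DELEGATIONS, THRESHOLD):
        print(finding)
    # With the delegation revoked, no single operator reaches the threshold.
    print(audit(VALIDATORS, [], THRESHOLD))
```

On paper one operator holds four of nine keys, below the threshold; the unrevoked delegation is what raises its effective count to five.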