The Ronin Network Has Been Breached: Hackers Have Stolen Over $600 Million from the Ronin Network
Sky Mavis’s Ethereum-based sidechain designed exclusively for Axie Infinity has been hacked. The company announced a significant security compromise that resulted in the loss of over $625 million in cryptocurrencies. Although the cyber robbery occurred on March 23, it was discovered today when a user was unable to withdraw 5,000 ether (ETH).
At a keynote talk at the NFT LA conference, Jeff Zirlin (Jihoz), the co-founder of Axie Infinity, described the breach.
According to the blog post, on March 03, the Ronin Bridge was drained of about 173,600 ETH and 25.5 million USDC in two transactions. The hacker generated bogus withdrawals using compromised private keys. Four Sky Mavis validators and one Axie DAO validator were hacked, according to Ronin.
As Ronin put it:
Although the validator key mechanism is designed to be decentralized, the attacker discovered a backdoor via our gas-free RPC node, which they exploited to get the signature for the Axie DAO validator.
The Katana Dex and Ronin bridges have been paused in the aftermath of the breach. Binance has also suspended its Ronin bridge as a precautionary measure. The bridge will reopen when it is determined that the money will not run out in the future.
As a precautionary step, Ronin will increase the number of nodes validated from five to eight. Additionally, it said that it is in contact with security teams at key exchanges. migeunderway in such a way that it is fully independent of the existing infrastructure. Additionally, Ronin is working closely with Chainalysis to track the money that has been taken.
