Ronin Network Hacked for 173.6k Ethereum and 25.5M USDC

How the Ronin Network was Hacked

According to the team at Ronin, the hack was carried out on the 23rd of March through a compromise to the Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes.

Furthermore, the attacker used private keys in order to fake withdrawals. The hack was discovered earlier today after a user filed a report of being unable to withdraw 5,000 Ethereum from the bridge.

The team at the Ronin Network is in the process of conducting a thorough investigation in addition to the following facts already known.

  • 5 validator private keys were hacked: four belonging to Sky Mavis validators and one to Axie DAO validator
  • The attacker found a backdoor through Ronin’s gas-free RPC node which was then used to get the signature for the Axie DAO validator
  • The Sky Mavis system needs 5 out of the nine validator signatures to initiate a withdrawal event
  • Ethereum and USDC deposits have been drained from the Ronin bridge contract

Next Steps of Action by the Ronin Network

The team at the Ronin Network has gone on to take the following actions moving forward.

  • The team is actively safeguarding against future attacks
  • The validator threshold has been increased from five to eight
  • Security teams at various crypto exchanges are being contacted to help in freezing or identifying the movement of the funds
  • The team at Ronin is in the process of migrating nodes away from the old infrastructure
  • The Ronin bridge and Katana DEX have been temporarily disabled
  • Binance has also disabled their bridge from/to Ronin
  • Chainalysis has been requested to monitor the path of the stolen funds
  • The team at Ronin is ‘working with law enforcement officials, forensic cryptographers, and our investors to make sure there is no loss of user funds’

Source: Read Full Article