Sky Mavis’ Ronin Network Bridge Exploited for Over $625M
Services have been halted on the Ronin Bridge and Katana DEX
Blockworks exclusive art by axel Rangel
key takeaways
- Exploiters used hacked private keys to forge fake withdrawals on March 23
- “We are working with law enforcement officials, forensic cryptographers, and our investors to make sure that all funds are recovered or reimbursed,” Ronin Network said in a statement
Ronin Network, an Ethereum-linked sidechain used for blockchain game Axie Infinity, was breached. Hackers exploited the network for roughly $625 million, or 173,600 ether and 25.5 million USDC, according to a Tuesday statement.
Exploiters, per the network’s post, used hacked private keys to forge withdrawals on March 23. The breach, however, wasn’t discovered until Tuesday, when a user was unable to withdraw 5,000 ETH.
Ethereum and USDC deposits on Ronin have been drained from its bridge contract. Users, as of now, are unable to withdraw or deposit funds. The Ronin Bridge and Katana DEX, as a result, have been halted.
“Sky Mavis’ Ronin chain currently consists of 9 validator nodes. In order to recognize a Deposit event or a Withdrawal event, five out of the nine validator signatures are needed,” the blogpost said. “The attacker managed to get control over Sky Mavis’s four Ronin Validators and a third-party validator run by Axie DAO.”
Sky Mavis, the creator of Axie Infinity, said it is “committed to ensuring that all of the drained funds are recovered or reimbursed.”
“We are working with law enforcement officials, forensic cryptographers, and our investors to make sure that all funds are recovered or reimbursed,” the network said in a tweet.
Most of the stolen ETH remains in the attacker’s wallet, but 6,250 ETH (about $21 million) has been transferred out, including hundreds of ETH sent to the FTX Exchange.
All $25.5 million in USDC has been transferred out to various wallets and DeFi protocols, according to Etherscan.
RON, the native token of the Ronin Network, is down 23% on the news, according to CoinMarketCap.
This is a developing story and may be updated as new information becomes available.
Get the news in your inbox. Explore Blockworks newsletters:
- Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
- Empire: Start your morning with the top news and analysis to inform your day in crypto.
- Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
- 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
- Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
- The Drop: For crypto collectors and traders, covering apps, games, memes and more.
- Supply Shock: Tracking Bitcoin’s rise from internet plaything worth less than a penny to global phenomenon disrupting money as we know it.
