Ronin Hack Goes Almost Unknown for a Week

A major hack has resulted in approximately just a little over 600 million worth of cryptocurrency being stolen from Ronin. This was  the gaming-focused blockchain network used for the NFT-based game Axie Infinity.

Ronin said that roughtly 173,000 Ethereum and 25 million USDC – a stable coin linked to the US dollar – were drained in two transactions.

Chainalysis said on Twitter it is tracking the funds on Ronin’s behalf to see if they continue to change hands. The blockchain platform said this hack is worth more than $600m, which would end up making it the largest-ever DeFi exploit recorded.

[ Keep on reading! Read how Unhackable and Bug Free Coding is a Marketing Lie on SudoSecurity ]

Ronin said it is currently working law enforcement officials, forensic cryptographersm and investors to recover or reimburse the stolen funds. The Ronin bridge and Katana decentralised exchange have also been halted for now as a security measure to check for exploits and vulnerabilities.

The blockchain network said validator nodes for Sky Mavis – the operator of Ronin and Axie Infinity – and Axie DAO validator nodes were compromised just on the 23 March.

Ronin said it officially noticed the breach just yesterday (29 March), after a user reported they could not withdraw their  5,000 Ethereum from the bridge.

The Blockchain Operator said the following on its Substack.

There has been a security breach on the Ronin Network. The attacker used hacked private keys in order to forge fake withdrawals.
Sky Mavis’ Ronin chain currently consists of nine validator nodes. In order to recognise a deposit event or a withdrawal event, five out of the nine validator signatures are needed.

Ronin said the hacker had control of at least four of the validators and also a third-party validator run by Axie DAO. The hacker managed to find a backdoor that was abused to get access to this fifth validator.

The statement also stated the following.

This traces back to November 2021 when Sky Mavis requested help from the Axie DAO to distribute free transactions due to an immense user load. The Axie DAO allowlisted Sky Mavis to sign various transactions on its behalf.

Ronin added the following also.

This was discontinued in December 2021, but the allowlist access was not revoked.

Usually security is often seen as one of the major benefits of blockchain, cyberattacks are becoming more sophisticated all the time, with major hacks occurring over the last year.

One of the world’s largest cryptocurrency trading platforms by volume, Bitmart, was targeted last December by unidentified hackers, which lead to an estimated 200 million worth of assets being stolen in that attack.

Last August, a major hack on decentralized finance platform Poly Network saw more than 600 million in cryptocurrency stolen by exploiting a vulnerability in its system – one of the largest crypto thefts in history.