Largest Crypto Hack Ever? Ronin Bridge Exploited for $600M+ in ETH and USDC

Ronin – an EVM blockchain for play-to-earn games – recently fell victim to one of the largest hacks in the history of crypto. A whopping 173,600 ETH was drained from Ronin bridge within the last week, alongside another 25.5M USDC.

According to a community alert issued by Ronin, the hack occurred due to Ronin validator nodes and Axie DAO validator nodes being compromised.
This led to hacked private keys being used to forge two fake network withdrawals (1 and 2) that absorbed hundreds of millions in crypto from the bridge. The transactions took place on March 23rd – nearly a week ago, before being noticed today.
Ronin’s chain consists of 9 validator nodes – 5 of which must be used to recognize a deposit or withdrawal event.
“The attacker managed to get control over Sky Mavis’s four Ronin Validators and a third-party validator run by Axie DAO,” reads Ronin’s alert post.
The attacker reportedly located a backdoor through Ronin’s “gas-free RPC node,” which was used to compromise the Axie DAO validator node.
As of now, both Ronin bridge and Katana DAO have been halted, and Ronin states that all AXS, RON, and SLP on the network are safe.
At ETH’s current price, the attack amounts to $588,677,600 stolen in ETH alone. Combined with the $25.5M stolen in USDC, that’s a $614.1M hack.
This makes it the largest Defi hack of all time, narrowly beating the PolyNetwork hack from last year, and dwarfing the similar Solana bridge hack from last month.
Ronin’s price also tumbled on the news, collapsing 26% within 15 minutes after news of the exploit broke.
Right now, the Ronin team claims to be working with law enforcement and forensic cryptographers to recover the stolen funds. Sam Bankman Fried – CEO of FTX – has also offered his help, as many of the stolen funds have since been deposited to his exchange.

Read More?

Post is imported from RSS feed, by one of our guest editors. G6 does not edit or moderate the content. G6 is not responsible for your actions. No rights owned by G6. To remove the post, please email us at [email protected]

No Comments

Sorry, the comment form is closed at this time.