The Ronin bridge of Axie Infinity was hacked for nearly $600 million
“We have contacted security teams at key exchanges and will be contacting everyone in the coming days,” the Ronin team said.
According to Axie Infinity’s official Discord and Ronin Network’s official Twitter thread, as well as its Substack page, the Ronin bridge and Katana Dex have been disabled following an exploit for 173,600 Ethereum (ETH) and 25.5 million USD Coin (USDC), valued at a combined $612 million at Tuesday’s prices. The developers said in a statement that they are “We are presently coordinating with law enforcement authorities, forensic cryptologists, and our investors to ensure that all assets are recovered or refunded. All AXS, RON, and SLP [tokens] on Ronin are currently secure.”
According to Ronin engineers, the attacker forged bogus withdrawals using compromised private keys, depleting cash from the Ronin bridge in only two transactions. Furthermore, the attack happened on March 23 but was detected on Tuesday as a user reportedly found trouble after attempting to withdraw 5,000 ETH through the Ronin bridge. At the time of writing, RON, Ronin’s main governance token, had dropped almost 20% in the previous hour to $1.88.
At the moment, Sky Mavis’ Ronin chain consists of nine validator nodes, with a minimum of five signatures required to acknowledge a deposit or withdrawal event. The attacker gained possession of five private keys, including those belonging to Sky Mavis’s four Ronin validators and one belonging to a third-party validator operated by Axie Decentralized Autonomous Organization, or DAO. Obtaining illegal access to the latter took an unusual amount of time.
When Sky Mavis, the creator of the Axie Infinity and Ronin ecosystems, sought assistance from the Axie DAO in November to award free transactions owing to an increase in user numbers, the Axie DAO agreed. The Axie DAO whitelisted Sky Mavis in December to sign certain transactions on its behalf. Access to the whitelist, on the other hand, was not withdrawn.
After gaining access to the Sky Mavis systems, the attacker received the last signature from the Axie DAO validator, fulfilling the node threshold necessary for the unlawful syphoning of cash from Ronin. At the time of publishing, the attacker’s wallet had the majority of the compromised cash.