Threat actors have stolen almost $625 million in Ethereum and USDC (a U.S. dollar-pegged stablecoin) tokens from Axie Infinity’s Ronin network bridge. The attack took place on March 23rd, but the cyber heist was discovered only today, after a user was unable to withdraw 5,000 ether.
The Ronin Network is an Ethereum-linked sidechain used for the blockchain game Axie Infinity.
The attackers have stolen roughly 173,600 ether and 25.5 million USDC. The Ronin bridge and Katana Dex have been halted following the attack.
The security breach was disclosed by Axie Infinity through its official Discord and Twitter accounts, and by Ronin Network.
“There has been a security breach on the Ronin Network. Earlier today, we discovered that on March 23rd, Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were compromised resulting in 173,600 Ethereum and 25.5M USDC drained from the Ronin bridge in two transactions (1 and 2).” reads a statement published by the company. “The attacker used hacked private keys in order to forge fake withdrawals. We discovered the attack this morning after a report from a user being unable to withdraw 5k ETH from the bridge.”
The amount of stolen funds makes this attack the largest crypto hack in history, surpassing the $611 million hack of the DeFi protocol Poly Network in August 2021.
Sky Mavis’ Ronin chain is currently composed of 9 validator nodes. To confirm a transaction, signatures from five of the nine validators are needed. The threat actors gained control of five validator signatures: those of Sky Mavis’s four Ronin validators and of a third-party validator run by Axie DAO.
“The validator key scheme is set up to be decentralized so that it limits an attack vector, similar to this one, but the attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.” continues the statement.
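The following sketch is an added example, not code from Sky Mavis or from the original article. It audits a 5-of-9 validator set for concentration of control by counting how many independent parties must be compromised to reach quorum, before and after one party gains a path to another validator's signature. The validator names, the `op-6` to `op-9` operators and the modelling of the RPC path as a second signing party are assumptions made for illustration.

```python
from itertools import combinations

THRESHOLD = 5  # five of nine signatures, as stated in the article

# Constructed sample: validator -> parties able to produce its signature.
# "op-6".."op-9" are placeholders; the article does not name those operators.
VALIDATORS = {
    "ronin-1": {"Sky Mavis"}, "ronin-2": {"Sky Mavis"},
    "ronin-3": {"Sky Mavis"}, "ronin-4": {"Sky Mavis"},
    "axie-dao": {"Axie DAO"},
    "val-6": {"op-6"}, "val-7": {"op-7"},
    "val-8": {"op-8"}, "val-9": {"op-9"},
}


def with_signing_path(validators, validator, party):
    """Copy of the set in which `party` can also obtain `validator`'s signature."""
    out = {name: set(parties) for name, parties in validators.items()}
    out[validator].add(party)
    return out


def keys_reachable(validators, compromised):
    """Validators whose signature is obtainable via any compromised party."""
    compromised = set(compromised)
    return {name for name, parties in validators.items() if parties & compromised}


def min_parties_for_quorum(validators, threshold):
    """Smallest group of parties whose compromise yields `threshold` signatures.

    Exhaustive search by group size; fine for validator sets this small.
    """
    parties = sorted(set().union(*validators.values()))
    for size in range(1, len(parties) + 1):
        for group in combinations(parties, size):
            if len(keys_reachable(validators, group)) >= threshold:
                return group
    return None


if __name__ == "__main__":
    print("independent keys:", min_parties_for_quorum(VALIDATORS, THRESHOLD))
    linked = with_signing_path(VALIDATORS, "axie-dao", "Sky Mavis")
    print("with signing path:", min_parties_for_quorum(linked, THRESHOLD))
```

A result of one party means the 5-of-9 threshold offers no more protection than that single organisation's own security.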
The company notified law enforcement and hired a forensic cryptographer to investigate the incident.
Axie Infinity said it’s committed to ensuring that all of the drained funds are recovered or reimbursed.
“As of right now users are unable to withdraw or deposit funds to Ronin Network. Sky Mavis is committed to ensuring that all of the drained funds are recovered or reimbursed.” concludes the statement.
(SecurityAffairs – hacking, Axie Infinity’s Ronin)