The Ronin bridge has been exploited for 173,600 Ethereum and 25.5 million USDC (stablecoin) collectively worth over $620 million, revealed the Ronin Network which is renowned for the popular crypto game Axie Infinity. The Ronin Network is an independent and Ethereum-compatible blockchain developed by Sky Mavis.
Jeff Zirlin, co-founder of Axie Infinity, at the NFT LA conference, highlighted that the Ronin Network suffered a hack, losing 173,000 Ethereum and $25 million in USDC. He described the incident as one of the biggest hacks in history.
Because of the hack, the Ronin bridge and Katana DEX have been halted. The network is working with law enforcement officials, forensic cryptographers, and the company’s investors to make sure that all funds are recovered or reimbursed. It added that the RON, AXS, and SLP on Ronin are safe.
The security breach on the Ronin Network was discovered on March 23. Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were compromised. The network highlighted that the hacker used private keys to forge fake withdrawals. The incident came to the fore after a user was unable to withdraw 5k ETH from the bridge.
The Ronin Network has paused the Ronin Bridge to ensure that no further attack vectors remain open. Binance has also disabled its bridge to and from Ronin. It will be opened up at a later date once the network makes sure that no funds can be drained.
In 2021, Poly Network recorded a similar hacking incident (the largest crypto heist in history) in which it lost $600 million worth of cryptocurrency. But the hacker gave back what it had stolen.
John Reed Stark, a former chief of SEC’s Office of Internet Enforcement, said the latest hack is a sobering reminder of how vulnerable Web3 marketplaces are to cyber-attacks. He highlighted that the Web3 marketplace is fraught with chaos and lawlessness. Stark said the Ronin Network may never learn the truth about what happened. The Web3 marketplaces, unlike US financial firms that must report cyber-attacks fairly and accurately, do not have to report anything at all.
