Ronin, the Ethereum sidechain, hacked; attacker siphons $625 million

The Ronin sidechain, used in the blockchain game Axie Infinity, was hacked. Exploiting the vulnerability, the attacker siphoned crypto assets worth roughly $625 million.

There has been a security breach on the Ronin Network.https://t.co/ktAp9w5qpP

— Ronin (@Ronin_Network) March 29, 2022

The hacker managed to obtain 173,600 ETH, as well as USDC stablecoins totaling $25.5 million.

The Ronin bridge has been exploited for 173,600 Ethereum and 25.5M USDC.

The Ronin bridge and Katana Dex have been halted.

— Ronin (@Ronin_Network) March 29, 2022

The developers disabled the Ronin cross-chain bridge and the non-custodial exchange Katana.

According to The Block Research’s Igor Igamberdiev, some funds were sent to centralized exchanges FTX and Crypto.com.

Imagine stealing 600 million 6 days ago and depositing money on @FTX_Officialhttps://t.co/nYWYC1jJ1J pic.twitter.com/YGzr7uyk5Q

— Igor Igamberdiev (@FrankResearcher) March 29, 2022

In the project’s blog, it says that the attacker exploited the vulnerability as early as March 23. To carry out the attack, he managed to gain control of five of the nine validators.

«The Sky Mavis team discovered a breach in the security system on March 29 after reports that a user could not withdraw 5,000 ETH from the bridge,» the developers wrote.

One user noted that the hacker also moved part of the funds from Binance to finance the attack.

The $ETH hacker also made deposits from @binance to fund the wallet

Maybe not very smart pic.twitter.com/Tg53bKQyWP

— Pentoshi 🐧 (@Pentosh1) March 29, 2022

Representatives from Sky Mavis pointed to the address on which the bulk of the stolen funds are held. Etherscan labelled it as “associated with the Ronin bridge hack.”

«We are working directly with various government authorities to ensure that the criminals face justice,» the project representatives stressed.

The developers assured users that RON and the in-game tokens SLP and AXS on the Ronin sidechain are safe.

We are working with law enforcement officials, forensic cryptographers, and our investors to make sure that all funds are recovered or reimbursed. All of the AXS, RON, and SLP on Ronin are safe right now.

— Ronin (@Ronin_Network) March 29, 2022

According to CoinGecko, in the last 24 hours the price of the RON token has fallen by more than 20%.

The Ronin breach is the largest in DeFi history. A similar incident occurred last year with the Poly Network project. The hacker siphoned $611 million, but subsequently returned a large portion of the funds (except for $33 million in USDT, which Tether froze after the attack).

In January, Sky Mavis released the RON governance token for the Ronin sidechain.

Subscribe to ForkLog news on Telegram: ForkLog Feed — the full news feed, ForkLog — the most important news, infographics and opinions.