Infinity's Ronin Network Says About $620M Stolen In Major Security Breach

Zinger Key Points
  • Following the breach, the Ronin bridge and Katana Dex have been halted.
  • Crypto exchange Binance has also disabled its bridge to/from Ronin as a precautionary measure. The bridge will be opened at a later date when it is ascertained that funds cannot be drained.

Ronin, an Ethereum-linked sidechain made by Sky Mavis specifically for Axie Infinity AXS/USD, disclosed Tuesday a major security breach that led to the theft of about $620 million in cryptocurrency. 

What Happened: About 173,600 Ethereum ETH/USD and 25.5 million USD Coin USDC/USD were drained from the Ronin bridge in two transaction on March 23, the Ronin Network said in a blog post.

This resulted from the compromising of Sky Mavis' Ronin validator nodes and Axie DAO validator nodes.

Sky Mavis is a Vietnamese tech platform that creates DeFi applications and services. It operates the play-to-earn game Axie Infinity, which is monetized via non-fungible tokens.

The issue came to light after a user reported an inability to withdraw 5,000 ETH from the bridge.

The attacker apparently used hacked private leys to forge fake withdrawals. Five validator private keys, four from Sky Mavis validators and one Axie DAO were hacked, Ronin said.

"The validator key scheme is set up to be decentralized so that it limits an attack vector such as this, but the attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator," Ronin said.

All of the AXS, Ronin RON/USD and Smooth Love Potion SLP/USD are safe, according to Ronin. 

Related Link: DeFiance Capital Founder Falls Victim To Hacker, $1.6M Loses In Wallet Breach

What's Next? Following the breach, the Ronin bridge and Katana Dex have been halted. Crypto exchange Binance has also disabled its bridge to/from Ronin as a precautionary measure. The bridge will be opened at a later date when it is ascertained that funds cannot be drained.

Ronin said it is working with law enforcement officials, forensic cryptographers and its investors to ensure the swindled funds are recovered.

As preventative measures, Ronin said it has increased the validator threshold from five to eight. It also said it is in touch with security teams at major exchanges. Migration of nodes are underway so that it is completely separated from the old infrastructure.

Axie Infinity is down 7.49% over 24 hours at $64.77. 

Related Link: Circle Warns Its Users Of Potential Cyberattacks: Here's What To Expect

Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In: CryptocurrencyNewsTop StoriesMarketsMoversTrading IdeasAxie InfinityRonin
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!