According to the official Discord Axie Infinity and Ronin Network official Twitter thread, as well as the Substack page, the Ronin and Katana Dex bridge has been closed after being hacked to 173600 Ethereum (ETH) and $ 25.5 million (USDC), to total $ 612 million at Tuesday prices. In a statement, the developers said: “They are currently working with police, forensic crypto experts and our investors to ensure that all funds are returned or refunded. All [tokens] AXS, RON and SLP on Ronin are now secure.”
According to the developers of Ronin, the attacker used hacked private keys to counterfeit fake withdrawals, and took money from the Ronin Bridge in just two transactions. More importantly, the hack happened on March 23, but was only discovered on Tuesday after a user discovered problems after not being able to withdraw 5,000 ETH from Ronin Bridge. At the time of going to press, RON, Ronin’s key management token, is down nearly 20% to $ 1.88 in the last hour.
The Sky Mavis Ronin network currently consists of nine verification nodes, of which at least five signatures are required to recognize a deposit or withdrawal. The attacker gained control of five private keys, consisting of four Ronin Sky Mavis validators and an external validator run by the Axie Decentralized Organization, or DAO. Unauthorized access to the latter took a particularly long time.
In November last year, when Sky Mavis, developer of the ecosystems Axie Infinity and Ronin, asked for help from Axie DAO to distribute free transactions due to the increase in the number of users. Sky Mavis was whitelisted by Axie DAO for signing several transactions on their behalf, and the process ended in December. However, access to the whitelist is not withdrawn.
As soon as the attacker gained access to the Sky Mavis systems, he received the final signature from the Axie DAO validator, thus reaching the threshold of the node required to illegally withdraw money from Ronin. At the time of publication, most of the hacked funds were still in the attacker’s wallet.