Key Takeaways:
- Hackers attacked Axie Infinity's Ronin network validator nodes.
- The exploit saw the platform lose $625 million in Ether and USDC.
MANALI (CoinChapter.com) — In what may be the biggest attack in DeFi history, hackers exploited Axie Infinity’s Ethereum (ETH) linked sidechain Ronin Network, walking away with roughly $625 million.
Ronin Network’s loss surpasses Aug 2021’s Poly Network hack, which saw the cross-chain DeFi protocol lose $611 million. As per Ronin’s announcement, hackers exploited the platform for 173,600 Ether (ETH) and 25.5 million USDC, worth roughly $625 million.
Furthermore, the platform assured users that it was working with law enforcement and crypto to recover the lost funds.
Ronin Network Shared Details Of The Exploit
Ronin’s announcement stated the hack affected Ronin Network validator nodes for Sky Mavis, the publishers of the Axie Infinity game, and the Axie Dao.
In detail, the Ronin chain consists of nine validator nodes. A Deposit or Withdrawal event requires at least five validator signatures. The attacker managed to get control over four of Sky Mavis’s Ronin validators and a third-party validator run by the Axie DAO.
Also Read: Axie Infinity (AXS) soars 52% ahead of Origin launch.
Moreover, the Ronin network designed the validator key system to prevent an attack like this one. The platform stated that the attacker compromised the gas-free RPC node, ‘which they abused to get the signature for the Axie DAO validator.‘
Ronin’s announcement also revealed that in Nov 2021, Axie DAO allowed Sky Mavis to sign transactions on its behalf to ease the latter’s immense user load. The process was discontinued in Dec 2021, but the access was likely not revoked.
Meanwhile, the network confirmed that the malicious withdrawals’ signatures matched the five suspected validators.
Steps Taken To Limit The Fallout
The Ronin Network increased the validator threshold from five to eight to limit short-term damage from the recent attack. Additionally, the Axie sidechain assured users of increased security to prevent similar attacks in the future.
Moreover, Ronin is collaborating with major exchanges to blacklist the associated addresses and track the stolen assets. The platform also halted operations on the Ronin Bridge and Katana Dex. Additionally, Binance has disabled its bridge to Ronin to safeguard from further fallout of the recent exploit.
We are working directly with various government agencies to ensure the criminals get brought to justice. Sky Mavis is here for the long term and will continue to build.
The announcement said
Most of the stolen ETH remains in the attacker’s wallet. However, the user has transferred out 6,250 ETH, roughly $21 million, with hundreds of ETH sent to the FTX exchange.
Also Read: Smooth Love Potion (SLP) jumps 67% after Axie Infinity revamps reward structure.
On the other hand, Etherscan confirms the malicious user moved all of $25.5 million in USDC to various wallets and DeFi protocols.
RON, Ronin Network’s native token, dropped 29.7%, going from the intraday high of $2.3034 to reach a low of $1.62 before recovering after news of the exploit broke. At the time of writing, RON was trading at $1.786, down 21.96% on the day.
