Ronin Network, the L2 used to power the Axie Infinity Economy has been compromised resulting in the loss of > $600m in ETH and USDC.
- The Ronin bridge has been exploited for 173,600 Ethereum and 25.5M USDC.
- The Ronin bridge and Katana Dex have been halted.
- We are working with law enforcement officials, forensic cryptographers, and our investors to make sure all funds are recovered or reimbursed. All of the AXS, RON, and SLP on Ronin are safe right now.
The discovery was made on March 23rd that an attacker was able to used hacked private keys to forge fake withdrawals.
This level of breach could be catastrophic for both the Ronin Network as well as Axie Infinity. The hacker has kept most of the funds in their wallet.
The Ronin Team released an official statement saying that they are “… working with law enforcement officials, forensic cryptographers, and our investors to make sure that all funds are recovered or reimbursed. All of the AXS, RON, and SLP on Ronin are safe right now.”
According to substack there is still an ongoing investigation but 5 validator keys were hacked resulting in a new attack vector that allowed the hacker to use a backdoor into the RPC node resulting in the ability for the hacker to extract funds.
The Sky Mavis team discovered the breach on 3/29 after a user was unable to remove funds from the bridge.
Additionally, the hacker went on to short Ronin knowing that the negative press would have a negative impact on the project.
As of right now users are unable to withdraw or deposit funds to Ronin Network. Sky Mavis is committed to ensuring that all of the drained funds are recovered or reimbursed.