Hackers steal $615M in the largest crypto heist as blockchain startup Ronin exploited for 173,600 Ethereum and 25.5M USDC

Quick Take

• The Ronin bridge has been exploited for 173,600 Ethereum and 25.5M USDC.
• Ronin Network announced Tuesday a loss of over $625 million in USDC and ether (ETH)
• The Ronin bridge and Katana Dex have been halted.
• Ronin Network is working with law enforcement officials, forensic cryptographers, and its investors to make sure all funds are recovered or reimbursed.
• All of the AXS, RON, and SLP on Ronin are safe right now.

Back in February, we wrote about the crypto platform Wormhole after hackers exploited the Wormhole network and stole 120,000 ETH (around $320 million). Fortunately, Wormhole reported the following day that it was able to recover the stolen fund. But now, another crypto exchange has just fallen victim to what may be described as the largest crypto hack yet.

Today, the gaming-focused Axie Infinity’s Ronin Network announced Tuesday a loss of over $625 million in USDC and ether (ETH). According to a blog post published by the Ronin Network’s official Substack, Ronin Network said that hackers made off with over $625 million in Ethereum and USDC, noting that an attacker had “used hacked private keys in order to forge fake withdrawals.

The exploit affected Ronin Network validator nodes for Sky Mavis, the publishers of the popular Axie Infinity game, and the Axie decentralized autonomous organization (DAO). Ronin Network explains that an attacker “used hacked private keys in order to forge fake withdrawals” from the Ronin bridge across two transactions, as seen on Etherscan.

There has been a security breach on the Ronin Network. Earlier today, we discovered that on March 23rd, Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were compromised resulting in 173,600 Ethereum and 25.5M USDC drained from the Ronin bridge in two transactions (1 and 2). The attacker used hacked private keys in order to forge fake withdrawals. We discovered the attack this morning after a report from a user being unable to withdraw 5k ETH from the bridge.

While the Ronin sidechain has nine validators requiring five signatures for withdrawals and is meant to protect against these types of attacks, the blog post notes that “the attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.”

The company pegged the losses at 173,600 ether and 25.5 million in USDC, currently worth in excess of $625 million.

This is not the first of hackers making away millions of dollars in crypto assets. In what was described as one of the biggest cryptocurrency heists of all time, a group of hackers stole more than $600 million worth of crypto in a cyberattack that targeted a decentralized finance platform called Poly Network.

The Ronin attacker’s Ethereum address is a fresh address that transferred ETH in from the Binance exchange one week ago. Etherscan records show that the attack took place last Wednesday. The majority of the funds remain in the attacker’s address, though 6,250 ETH has been transferred to various other addresses.