Ronin, an Ethereum-related sidechain made by Sky Mavis specifically for Axie Infinity AXS/USDdisclosed on Tuesday a major security breach that led to the theft of approximately $620 million in cryptocurrency.
What happened: About 173,600 Ethereum ETH/USD and 25.5 million USD coin USDC were drained from the Ronin Bridge in two transactions on March 23, the Ronin Network said in a blog post.
This resulted from the compromise of Sky Mavis’ Ronin validator nodes and Axie DAO validator nodes.
Sky Mavis is a Vietnamese technology platform that builds DeFi applications and services. It operates the Axie Infinity play-to-earn game, which is monetized through non-fungible tokens.
The issue arose after a user reported an inability to withdraw 5,000 ETH from the bridge.
The attacker apparently used hacked private laws to fake fake withdrawals. Five validator private keys, four of the Sky Mavis validators and an Axie DAO were hacked, Ronin said.
“The validator’s key scheme is configured to be decentralized to limit an attack vector like this, but the attacker found a backdoor through our gasless RPC node, which he abused to obtain the signature of the validator. Axie DAO validator,” says Ronine.
All AXS, Ronin RON/USD and Creamy love potion SLP are safe, according to Ronin.
Related Link: DeFiance Capital Founder Falls Victim To Hacker, Loses $1.6M In Wallet Breach
And after? Following the breach, the Ronin Bridge and Katana Dex were halted. Crypto exchange Binance has also disabled its bridge to/from Ronin as a precaution. The bridge will be opened at a later date when it is determined that the funds cannot be drained.
Ronin said he is working with law enforcement officials, forensic cryptographers and his investors to ensure the scammed funds are recovered.
As a precaution, Ronin said they increased the validator threshold from five to eight. He also said he is in contact with the security teams of major exchanges. Node migrations are underway so that it is completely separate from the old infrastructure.
Axie Infinity is down 7.49% over 24 hours at $64.77.
Related Link: Circle Warns Users About Potential Cyberattacks: Here’s What to Expect