The Ronin Network, the independent and Ethereum-compatible blockchain developed by Axie Infinity, has recently reported a loss of nearly $625 million in USDC and ether (ETH).
According to a post by the Ronin Network’s official Substack, the hack impacted validator nodes for Sky Mavis, the developer of the well-known NFT games such as the pokemon-themed Axie Infinity and the Axie DAO.
The attacker generated fraudulent withdrawals from the Ronin sidechain using the hacked private key over two transactions. Though it requires five signatures to make any withdrawals, the attacker discovered a backdoor through the gas-free RPC node, which was exploited to get the signature for the Axie DAO validator.
The Ronin sidechain lost 173,600 ether and $25.5 million in USDC. According to the DeFiYield REKT database, which documents Defi frauds, hacks, and exploits, this hack amounts to roughly $625 million, making it the most severe Defi hack in history.
The most recent Defi hack surpasses the previous record of $611 million, which was taken from cross-chain protocol Poly Network in August 2021. The majority of the cash has been recovered and reimbursed.
The Ronin attacker’s Ethereum address is freshly new and has received funds from the Binance exchange less than a week ago. It currently retains most of the funds, but 6,250 ETH has been moved to numerous other addresses. According to the developer, Kelvin Fitcher, part of the Ethereum has been deposited into accounts on the digital asset exchange FTX.
Interesting update, some of the ETH is being deposited into @FTX_Official. https://t.co/wABw93YAjy pic.twitter.com/aVRYuxKfpb
— smartcontracts 🔴✨ (@kelvinfichter) March 29, 2022
In response, Ronin Network has suspended its bridge and Katana Dex, an automated market maker, until the outcome of the inquiry. It states that it’s collaborating with law enforcement agencies, forensic cryptographers, and its investors to ensure the criminals get brought to justice and user funds are not lost. It also adds that the validation threshold will be increased to eight nodes in the future.
According to Coinmarketcap, since the Ronin Network confirmed the theft, its native crypto, Ronin (RON), has declined by 21% on the day, falling from $2.30 to $2.24 per coin.