The Ronin Network team has confirmed its bridge was exploited for 173,600 Ethereum and 25.5 million USDC on Mar. 23 in what appears to be the biggest DeFi hack in history
Ronin Network Suffers Major Exploit
According to a recent blog post by the Ronin Network’s official Substack, the exploit affected Ronin Network validator nodes for Sky Mavis, the publishers of the popular Axie Infinity game, and the Axie decentralized autonomous organization (DAO).
Sky Mavis’ Ronin validator nodes, as well as Axie DAO validator nodes, were compromised and emptied by a malicious actor last week, resulting in a $625 million loss (173,600 Ethereum tokens and 25.5 million USDC tokens).
According to Etherscan, an attacker “used hacked private keys to generate fraudulent withdrawals” from the Ronin bridge over two transactions.
This could be the biggest decentralized financial hack ever, surpassing the $611 Poly Network crime from August.
With the use of compromised private keys, the Ronin hacker was able to construct fraudulent transactions.
In August 2021, a hacker made off with $611 million thanks to an exploit of the Poly Network cross-chain decentralized finance (DeFi) protocol. The funds were refunded in large amounts.
While Poly Network was able to recover nearly all of the stolen monies, Ronin’s response to the unprecedented hacking incident remains to be seen. The great majority of the stolen crypto is still in the hands of the attacker’s address.