The Ronin Bridge Exploited: $12M Withdrawn, $10M Returned by Whitehat
The Ronin Network, a blockchain-primarily used for gaming, has recently suffered a significant security breach. On August 6, the network reported that its Ronin Bridge had been exploited, resulting in the withdrawal of approximately $12 million of digital assets. The stolen funds included around 4,000 Ether (ETH) and $2 million in USD Coin (USDC).
The @Ronin_Network bridge has been paused while we investigate a report from whitehats about a potential MEV exploit.
The breach has sparked speculation about the nature of the exploit. According to PeckShield, a prominent blockchain security firm, the transaction involved a Maximal Extractable Value (MEV) bot. These bots are designed to analyse and exploit arbitrage opportunities within decentralised finance (DeFi) platforms. However, it is also suspected that the exploit may have been carried out by whitehat hackers, who ethically test and highlight vulnerabilities to improve security. If these ethical hackers are behind the breach, there is hope that the stolen funds could be returned.
Earlier today, we were notified by white-hats about a potential exploit on the Ronin bridge. After verifying the reports, the bridge was paused approximately 40 minutes after the first on-chain action was spotted.
The actors withdrew ~4K ETH and 2M USDC, valued at ~$12M, which…
Aleksander Leonard Larsen, Co-Founder and COO of Sky Mavis, the firm behind Ronin, confirmed that the network’s operations were paused to investigate the incident. He indicated that the team is discussing with the suspected whitehats to resolve the issue and recover the stolen assets.
Previous Security Breaches
This incident is the second major hack Ronin Network has faced in recent years. The previous attack in March 2022 was the largest crypto hack ever recorded, involving a loss of approximately $620 million. The 2022 breach was attributed to the Lazarus Group, a North Korean hacking entity. This historical context underscores the network’s ongoing security challenges.
Current Status and Future Steps
Following the recent exploit, Ronin Network has halted its bridge operations and is investigating thoroughly. The team has acknowledged that the bridge’s recent upgrade introduced a flaw that allowed the exploit to occur. They are working on fixing this issue and implementing additional security measures. The Ronin Bridge, which currently holds over $850 million in assets, remains secure, and the team is ensuring that user funds are protected.
The Ronin network recently announced on social media that the stolen Ethereum was returned and that the remaining USDC is expected to be returned later that day. The white hat hackers will be rewarded, and the bridge network will be audited before being reopened.
Update:
The ETH (~$10 M) has been returned and we expect that the USDC will be returned later today. We thank the white hats for their vigilance and integrity. The Bug Bounty Program will reward the white hats with a 500 K bounty.
The Ronin team has promised to provide a detailed post-mortem of the incident next week, outlining the exploit’s technical details and the steps to prevent future occurrences.
Conclusion
The recent exploit of Ronin Network highlights the persistent security vulnerabilities within the cryptocurrency sector. While there is cautious optimism that the involvement of whitehat hackers could lead to the return of the stolen funds, the incident underscores the need for robust security measures and continuous vigilance in the rapidly evolving landscape of blockchain technology.
