More Than $600 Million Worth of Cryptocurrencies Stolen from Ronin Network

Smartphone with mobile application cryptocurrency wallet.

In one of the largest hacks to date, gamer-oriented Ronin Network announced that approximately $620 million worth of cryptocurrency had been stolen from its blockchain platform.

According to a statement released Tuesday, the company discovered that its “Ronin bridge has been exploited for 173,600 Ethereum and 25.5M USDC” on March 23. Ronin Network said that users were still unable to withdraw or deposit funds to the network as of Tuesday, March 29.

Details Regarding the Ronin Hack

The Ronin Network is the Ethereum-linked blockchain developed by the publishers of the Axie Infinity video game.

On Tuesday morning, a user reported issues withdrawing 5,000 Ethereum tokens (an estimated value of roughly $17 million) from the Ronin Network. After reviewing the complaint, the system breach was discovered and it was determined that on March 23, hackers compromised the platform through the Ronin bridge, where they used stolen private keys to make fake withdrawals.

During the hack, the cybercriminals gained control over four of the network’s validators, as well a third-party validator. At the time of the attack, only five out of the system’s nine validator signatures were needed for a withdrawal. Once they accessed the systems, they used these controls to obtain the five signatures needed.

Ronin Network linked the malicious withdraws to the compromised validators.

The vulnerability is connected to when the system used the third-party validator, Axie DAO, in November of 2021. Axie DAO gave another validator the ability to sign some transactions on its behalf. The network stopped using Axie DAO in December 2021, but the access was not removed.

What Actions Were Taken

The company stated that they addressed the incident immediately after discovering the breach and reported that the network is secure at the moment. The Ronin Network also confirmed that they were taking steps to ensure their systems are safe against future attacks and to prevent further damage to the network.

These steps include increasing the threshold of validators to eight and temporarily pausing the Ronin Bridge. Ronin Network also said it is in the “process of migrating our nodes,” which are separated from old infrastructure.

The company said it is cooperating with local law enforcement regarding the breach, as well as working with forensic cryptographers and their investors to ensure funds are recovered or reimbursed.

Other Cryptocurrency Thefts

This is not the first cyberheist and it certainly won’t be the last based on the popularity of Bitcoin, Ethereum, and other cryptocurrencies. Some past cryptocurrency thefts include:

Security research coordinator
Kat is an IT security business consultant with experience in project management, process development, and leadership. She coordinates our team's research efforts in the field of cybersecurity, privacy, and censorship.