Detail Analysis

Date: March 29, 2022

Status: Verified

Count: 1

Contributor: zerofriction.io

Loss Amount: 625,000,000

Recovered Amount: 5,800,000

Currency: Dollars, ETH, USDC

KYC By: None

Audit By: None

Website:

Twitter:

Discord: No data

Telegram: No data

Medium: No data

Github: No data

Key Indicators

Platform: Ethereum

Type: Protocol

Category: Bridge

Method: Poor Key Management

Extended Method: Private key leaks for five Bridge validators, hacking by Lazarus Group

Data Sources:

The gaming-focused Ronin Network announced Tuesday a loss of over $625 million in USDC and ether (ETH).
According to a blog post published by the Ronin Network’s official Substack, the exploit affected Ronin Network validator nodes for Sky Mavis, the publishers of the popular Axie Infinity game, and the Axie DAO.

An attacker “used hacked private keys in order to forge fake withdrawals” from the Ronin bridge across two transactions, as seen on Etherscan.

While the Ronin sidechain has nine validators and requires five signatures for withdrawals, a threshold meant to protect against these types of attacks, the blog post notes that “the attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.” The hacker was able to obtain 5 keys, which was sufficient to execute the hack. The hack took place on March 23 and was not reported until March 29, when a user attempted to withdraw 5000 ETH from the bridge.

The blog post pegged the losses at 173,600 ether and 25.5 million in USDC, currently worth in excess of $625 million.

Update 4/19:
The FBI has confirmed that North Korean hackers, or the Lazarus Group, were responsible for the theft.

Updated 4/22
Binance reported that the company recovered $5.8 million from the stolen funds as the exploiter attempted to launder them through the exchange.

Updated 5/3
PeckShield reported that over 90% of the stolen funds have been transferred out of the exploiter's wallet, including ~71,000 $ETH ($213m) already laundered via Tornado.Cash.

DISCLAIMER: While Zero Friction LLC has used its best efforts in aggregating and maintaining this database, Zero Friction LLC makes no representations or warranties with respect to its accuracy or completeness, and specifically disclaims any implied warranties of merchantability or fitness for any particular purpose.

Under no circumstances shall Zero Friction LLC be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the dataset or information derived from our database.