BNB -0.68%
BTC -1.48%
DOGE -4.57%
ETH -1.07%
PEPE -4.92%
XRP -0.67%
SHIB -0.27%
SOL 2.21%
TG Casino
powered by $TGC

Over USD 600M Stolen in Blockchain Bridge Hack as Axie Infinity’s Ronin Exploited

Linas Kmieliauskas
Last updated: | 2 min read
Source: Adobe/Negro Elkha


The first quarter of 2022 is about to end with one of the largest crypto thefts, as the gaming-focused Ronin bridge, which connects blockchains, has been exploited to the tune of more than USD 600m.

The Ronin Network confirmed that the bridge has been exploited for ETH 173,600 and USDC 25.5m, which is now worth around USD 617m. However, per blockchain analysis firm Elliptic, the total value of the stolen cryptoassets at the time of the theft was USD 540m, which makes it the second-largest crypto theft.

As of 29 March 2022. Value of funds at the time of theft. Source: Elliptic


Both the bridge and the Katana decentralized exchange have been halted, they added.

The team behind the network claims that today, they discovered that Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were compromised on March 23. Sky Mavis is the developer of Axie Infinity, the popular blockchain-powered play-to-earn game. The firm also developed Ronin, an Ethereum-linked sidechain made specifically for Axie Infinity.

“The attacker used hacked private keys in order to forge fake withdrawals. We discovered the attack this morning after a report from a user being unable to withdraw 5k ETH from the bridge,” they said.

The team said they are working with law enforcement officials, forensic cryptographers, “and our investors to make sure all funds are recovered or reimbursed.”

“All of the AXS, RON, and SLP on Ronin are safe right now,” they added.

According to them, their users are now unable to withdraw or deposit funds to Ronin Network.

“Sky Mavis is committed to ensuring that all of the drained funds are recovered or reimbursed,” the team added. 

At 18:44 UTC, AXS trades at USD 65 and is down almost 9% in a day, SLP dropped 11% to USD 0.02, while RON crashed 20%, reaching USD 1.84.

Elliptic said that its internal analysis indicates that the exploiter has already begun laundering their proceeds, with funds originating from the attack already reaching at least “three prominent crypto exchanges.” The exploiter is using both centralized and decentralized exchanges, they added.

“At the time of writing, around USD 16 million in ETH has been laundered in this manner, leaving USD 524 million in various Ethereum accounts which appear to belong to the attacker,” the firm said.


Learn more: 
Crypto Security in 2022: Prepare for More DeFi Hacks, Exchange Outages, and Noob Mistakes 
Digital Collectibles Marketplace VeVe Loses ‘Large Amount of Gems’ in an Exploit

ApeCoin Smart Contract Exploited, ‘Well-Prepared Claimer’ Walks Away With USD 380K
DeFiance Founder’s USD 1.76M Loss is a Lesson For NFT Investors
Poly Network Hacker Keeps Sending Funds Back, Returns USD 342M

BlockFi, Swan Bitcoin, Pantera Advise Users How to Stay Safe After Data Got Hacked in Hubspot CRM Raid
IRA Financial Trust Hack Reportedly Sees USD 36M in Crypto Stolen From Users

The 4th Largest Crypto Theft Shows DeFi Weakness as Hacker Nets USD 325M in a Wormhole
What Did We Learn from the MonoX Hack?

(Updated at 19:18 UTC with additional details and comments. Updated on March 30 at 5:39 UTC to correct the stolen amount of USDC, which is  USDC 25.5m, not USD 25.5.)