© 2022 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Ronin robbed of $625m in digital funds


The blockchain network says it has been breached, to the tune of $625 million worth of dollar-pegged stablecoins and Ethereum (ETH) cryptocurrency.

“The attacker used hacked private keys in order to forge fake withdrawals,” Ronin said. “We discovered the attack after a report from a user being unable to withdraw ETH5,000 from the bridge.”

The Ronin decentralized currency exchange was halted after the breach was discovered, leaving users unable to conduct transactions until further notice. The provider says it is working with the authorities and forensic cryptographers to recover the stolen funds – valued at around $25 million in stablecoins and ETH176,000 ($600 million).

“As we’ve witnessed, Ronin is not immune to exploitation and this attack has reinforced the importance of prioritizing security, remaining vigilant, and mitigating all threats,” said the provider. “We are using every resource at our disposal to deploy the most sophisticated security measures and processes to prevent future attacks.”

Five out of nine validator nodes were hacked – the approval threshold for a withdrawal or deposit of funds. It is thought the threat actor behind the attack took control of four nodes run by Sky Mavis and a third-party validator operated by Axie DAO.

“The validator key scheme is set up to be decentralized so that it limits an attack vector, similar to this one,” said Ronin. “But the attacker found a back door through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.”

The attack vector is thought to have derived in part from the Axie validator’s IP being left on an “allow list” to distribute free transactions – even though this feature was supposedly discontinued in December.

In response to the attack, Ronin said it would increase the transaction threshold to eight out of nine nodes. Most of the hacked funds are thought to be in an Etherscan digital wallet belonging to the cybercriminal who carried out the attack.


More from Cybernews:

Russian aviation authority switches to paper after losing 65TB of data

The White House seeks $10.9 billion in cybersecurity funding

Crooks exploit Log4Shell to target VMware Horizon servers

How much are you willing to spend not to be homeless in the metaverse?

Hundreds of alleged Russian spies revealed in a data breach

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are marked