CryptoPotato
CryptoPotato
  • Crypto News
  • Margin Trading
  • Guides
    • Bitcoin & Crypto Guides 101
    • Bitcoin For Beginners
    • Editorials
  • DeFi & NFT
  • Buy
  • Language
  • Crypto News
  • Bitcoin For Beginners
  • Cryptocurrency Guides 101
  • Editorials
  • Bitcoin & Crypto Margin Trading
  • DeFi & NFT News
  • Bitcoin Price Analysis
  • CryptoPotato Crypto Fund
  • Ethereum (ETH) Price Analysis
  • Ripple (XRP) Price Analysis
  • Market Updates
  • Interviews
  • Buy Bitcoin with Card
  • bitcoin
    BTC$20,071.00
  • ethereum
    ETH$1,094.79
    • Market Updates
    • BTC Analysis
    • ETH Analysis
    • XRP Analysis
    • Interviews
    • Crypto Fund
    CryptoPotato
    CryptoPotato
    • Crypto News
    • Margin Trading
    • Guides
      • Bitcoin & Crypto Guides 101
      • Bitcoin For Beginners
      • Editorials
    • DeFi & NFT
    • Buy
    • Language
    • Crypto News
    • Bitcoin For Beginners
    • Cryptocurrency Guides 101
    • Editorials
    • Bitcoin & Crypto Margin Trading
    • DeFi & NFT News
    • Bitcoin Price Analysis
    • CryptoPotato Crypto Fund
    • Ethereum (ETH) Price Analysis
    • Ripple (XRP) Price Analysis
    • Market Updates
    • Interviews
    • Buy Bitcoin with Card
    Home » Crypto News » The Biggest Ever Crypto Hack: What Happened in the Ronin Bridge Attack

    The Biggest Ever Crypto Hack: What Happened in the Ronin Bridge Attack

    Author: Jordan Lyanchev

    Last Updated Mar 30, 2022 @ 15:17

    The hack took place a week ago but it became known just yesterday – what do we know about the largest crypto exploit so far?

    Ronin Network, a critical bridge chain that powers Axie Infinity, was attacked, and this resulted in in a loss of 173,600 Ethereum and 25.5M USDC, equivalent to over $600M. Since the breach occurred on March 23rd, the stolen funds have flowed into FTX, Huobi, and CryptoCom, which have all vowed to take actions to trace the funds.

    Binance said it had temporarily suspended withdrawals and deposits on the Ronin Network.

    Sky Mavis, the company behind Axie Infinity, said it would compensate online participants who lost funds during the attack against Ronin’s systems.

    Stolen Funds Mostly Remain Unmoved

    According to the analysis conducted by PeckShield Inc, a blockchain security and data analytics company, the hacker’s main address “0x098B716B8Aaf21512996dC57EB0615e2383E2f96” contained a negligent amount of ETH. That acted as the fee for its later transactions to multiple wallets on centralized exchanges.

    Later, the attacker transferred the funds to multiple unknown wallets. They used those to send 1,220 ETH to an account on FTX, 3,750 ETH to three Huobi addresses, and 1 ETH to a CryptoCom wallet. However, most of the funds are still remaining at the hacker’s main address.

    ADVERTISEMENT

    Here comes an initial flow chart @Ronin_Network! Hope it helps to recover the stolen funds! @binance @HuobiGlobal @FTX_Official @SBF_FTX @cz_binance @MultichainOrg https://t.co/N660QtFukP pic.twitter.com/ABWktFpOPx

    — PeckShield Inc. (@peckshield) March 30, 2022

    Mistracker’s on-chain analysis revealed that the hacker has gradually converted 25.5M USDC to ETH since March 23th, but only until March 28th at 2:30:38 did they begin to move the funds to different addresses. As of March 30th, there was a total of over 180 ETH sitting in four wallets under the attacker’s control.

    To support the investigation of the incident, Binance blocked addresses by the potential hacker and had suspended all deposits and withdrawals on the Ronin Network since March 29th. The company also announced that “withdrawals of Wrapped Ether (WETH) on the Ethereum network, and the convert function from WETH to ETH” are being paused.

    Aleksander Larson, The COO of Axie Infinity, tweeted that the “internal network is currently going through a deep forensics review to ensure there is no lingering threat.” He also admitted that it was a “social engineering attack combined with a human error from December 2021” that led to the incident.

    3/4

    We are committed to ensuring that all of the drained funds are recovered or reimbursed, and we are continuing conversations with our stakeholders to determine the best course of action.

    — Psycheout – Aleksander | Axie Infinity (@Psycheout86) March 30, 2022

    Cross-Chain Security issues

    As reported by CryptoPotato yesterday, since five out of nine validator nodes on the Ronin Chain are required to initiate a deposit or a withdrawal, the perpetrator may have managed to get control over Sky Mavis’s four Ronin validators and a third-party validator run by Axie DAO.

    The attacker was reportedly completed by locating a backdoor through Ronin’s “gas-free RPC node,” which was used to compromise the Axie DAO validator node. Currently, the validator threshold for withdrawals has been raised to eight out of nine for strengthening the network security.

    SPECIAL OFFER (Sponsored)
    Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).

    PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to receive up to $7,000 on your deposits.

    You Might Also Like:

    • defi_hack_cover
      Multichain Whitehat Hacker Returns 259 ETH: Report
    • hacker_steal_cover
      Largest Crypto Hack Ever? Ronin Bridge Exploited for $600M+ in ETH and USDC
    • hack_cover
      $3 Million in DAI and ETH Stolen From Deus Finance in the Latest DeFi Hack
    Tags: DeFi Ethereum Hacking
    Enjoy reading? Share with your friends
    Facebook Twitter LinkedIn Telegram

    About The Author

    Jordan Lyanchev
    More posts by this author

    Jordan got into crypto in 2016 by trading and investing. He began writing about blockchain technology in 2017. He has managed numerous crypto-related projects and is passionate about all things blockchain. Contact Jordan: LinkedIn

  • bitcoin
    BTC$20,071.00
  • ethereum
    ETH$1,094.79
  • Join Our Community

    FacebookTwitter YouTubeTelegram


    Editorials
    Over 33% of NFT Volume is Wash Trading: bitsCrunch CEO Interview

    Over 33% of NFT Volume is Wash Trading: bitsCrunch CEO Interview

    What’s Going on With Celsius Network and Why Is It a Huge Risk for Crypto (Opinion)

    What’s Going on With Celsius Network and Why Is It a Huge Risk for Crypto (Opinion)

    Institutions Are Definitely Here: ConsenSys’ Harriet Browning (Interview)

    Institutions Are Definitely Here: ConsenSys’ Harriet Browning (Interview)

    Binance Visa Card Guide: Read Before You Order

    Binance Visa Card Guide: Read Before You Order

    Bitstamp CEO JB Graftieaux: We Are Still Early (Interview)

    Bitstamp CEO JB Graftieaux: We Are Still Early (Interview)

    Okay Bears NFT Collection: The Complete Guide

    Okay Bears NFT Collection: The Complete Guide

    Our Ambition is to Become the Amazon of Crypto: Interview with Coinbase’s Guillaume Chatain

    Our Ambition is to Become the Amazon of Crypto: Interview with Coinbase’s Guillaume Chatain

    Join Our Newsletter
    Become a CryptoPotato VIP
    One Weekly Email Can Change Your Crypto Life.
    Sign-up FREE to receive our extended weekly market update and coin analysis report
    We NEVER send spam. You can unsubscribe at any time.
    Invalid email address
    Thanks for subscribing!
    About
    Advertise on CryptoPotato
    About Us | Contact Us | Careers

    Terms of service | Privacy Policy | GDPR
    More Sections
    IEO List | Evaluations
    Airdrops
    Scholarship
    Cannabis Stocks News | Market Analysis
    Disclaimer
    Disclaimer: Information found on CryptoPotato is those of writers quoted. It does not represent the opinions of CryptoPotato on whether to buy, sell, or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk. Full disclaimer
    © Copyright CryptoPotato 2016 - 2021
    Scroll to top
    One Weekly Email Can Change Your Crypto Life.

    Sign-up FREE to receive our extended weekly market update and coin analysis report

    We never send SPAM. You can unsubscribe at any moment
    Invalid email address
    Thanks for subscribing!