Security breaches and hacking attempts are known phenomena in the crypto and blockchain world. Despite innovation and digitization, the online world has experienced massive attacks in recent times. This is a major reason that blockchain protocols are prioritizing their security features to minimize the chances of any data mismanagement. However, the Ronin Network became the latest victim of a huge security breach.
The concerning point was that it took 6 days for the Ronin Network to identify the breach in its protocol. The network released a statement that there was a security breach on March 23, only for it to be identified on March 30. The Ronin validator nodes of Sky Mavis and Axie DAO validator nodes were compromised in this security breach.
Details of the attack and losses reported by the Ronin Network
The Ronin Network reported that a total of 173,600 Ethereum and 25.5 million USDC were pulled from the protocol in two transactions. The attack made use of hacked private keys to withdraw the assets. Most of the stolen funds are still in the wallet of the hacker. A user launched a complaint to the network about being unable to withdraw 5,000 ETH from the Ronin Bridge. The security breach was identified as a result of the complaint.
A total of five out of nine validator nodes need to sign to confirm a deposit or a withdrawal. However, the hacker got control of 4 Ronin validators from Sky Mavis and one third-party Axie DAO validator. The attackers also got through the gas-free RPC node to get the signature from the Axie DAO node validator.
In November 2021, Axie DAO had allowed Sky Mavis to sign transactions on its behalf because the latter had requested to do so. Even though it was discontinued in December, Sky Mavis was still on the allowlist. The hacker cashed on this negligence of the network to confirm the transactions.
As a response to this attack, the Ronin Network has increased the number of required validator signatures from five to eight. The network is getting in touch with security teams of other exchanges, migrating network nodes, and revamping its old infrastructure. Also, the network has currently suspended the Ronin bridge as a precautionary measure. The Ronin Network is collaborating with Chainalysis to examine the stolen funds.
The team of the network aims to collaborate with government agencies for the identification and accountability of criminals. Also, Sky Mavis is exploring ways of moving forward from this incident and growing in a more secure way in the future.