Summary: The Ronin Network experienced a security incident where white hat hackers exploited a vulnerability in the Ronin bridge, withdrawing $12 million in cryptocurrency. The incident was reported to the Ronin team, leading to a temporary pause of the bridge for investigation and subsequent fixes.
Threat Actor: White hat hackers
Victim: Ronin Network
Key Points:
- White hat hackers exploited a vulnerability in the Ronin bridge, withdrawing 4,000 ETH and 2 million USDC.
- The incident was caused by a recent bridge update that introduced a security flaw in the vote threshold for fund withdrawals.
- The hackers returned the stolen funds and received a $500,000 bounty for their actions.
- The Ronin Network is implementing fixes and will conduct thorough audits before reopening the bridge.
- This incident follows a previous hack in March 2022, where $625 million was stolen by the Lazarus Group.
Gaming blockchain Ronin Network suffered a security incident yesterday when white hat hackers exploited an undocumented vulnerability in the Ronin bridge to withdraw 4,000 ETH and 2 million USDC, totaling $12 million.
This figure corresponds to the maximum amount of ETH and USDC that can be withdrawn from the bridge in a single transaction, so this per-transaction limit capped the loss at $12 million and prevented the theft of potentially astronomical sums.
The white-hat hackers informed the Ronin Network about an exploit on the bridge as they performed their attack demonstration. After verification, the bridge was paused for 40 minutes.
Although a detailed post-mortem will be released next week, Ronin can say that the cause of the exploit was a recent bridge update deployed through the governance process, which introduced a security flaw.
The flaw caused the bridge to misinterpret the required vote threshold of bridge operators needed to authorize fund withdrawals, allowing unauthorized actors to perform damaging actions.
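To make the two controls the article mentions concrete, here is a hypothetical, simplified model of a bridge withdrawal authorizer, added as an illustration; it is not Ronin's bridge code, the actual flaw is not known until the post-mortem, and the operator set, the 7/10 threshold fraction and the per-asset caps are constructed values.

```python
from dataclasses import dataclass
from typing import Dict, Set

# Hypothetical model (constructed for illustration, NOT Ronin's code).
# Two controls are enforced: a vote threshold across bridge operators
# and a per-transaction withdrawal cap, the measure that limited the
# loss described in the article.

@dataclass
class BridgeConfig:
    operators: frozenset          # addresses allowed to vote on withdrawals
    threshold_num: int            # required fraction of operators: numerator
    threshold_den: int            # required fraction of operators: denominator
    max_per_tx: Dict[str, int]    # asset symbol -> per-transaction cap

def required_votes(cfg: BridgeConfig) -> int:
    """Votes needed to authorize a withdrawal, rounded UP.

    With 9 operators and a 7/10 threshold, 6.3 must become 7; truncating
    to 6 would accept fewer votes than the configured fraction demands.
    """
    scaled = len(cfg.operators) * cfg.threshold_num
    return -(-scaled // cfg.threshold_den)      # ceiling division

def authorize_withdrawal(cfg: BridgeConfig, asset: str, amount: int,
                         votes: Set[str]) -> bool:
    """Return True only if both controls are satisfied."""
    # Control 1: per-transaction cap (unknown assets have a cap of 0).
    if amount <= 0 or amount > cfg.max_per_tx.get(asset, 0):
        return False
    # Control 2: quorum of DISTINCT, registered operators. Non-operator
    # signers are dropped, and a set cannot count one operator twice.
    valid = {v for v in votes if v in cfg.operators}
    return len(valid) >= required_votes(cfg)

# Constructed sample configuration: 9 operators, 70 % threshold, and caps
# matching the amounts in the article (4,000 ETH / 2,000,000 USDC).
OPERATORS = frozenset(f"op{i}" for i in range(1, 10))
DEMO_CONFIG = BridgeConfig(OPERATORS, 7, 10,
                           {"ETH": 4_000, "USDC": 2_000_000})

if __name__ == "__main__":
    quorum = {f"op{i}" for i in range(1, 8)}    # 7 of 9 operators
    print(required_votes(DEMO_CONFIG))                              # 7
    print(authorize_withdrawal(DEMO_CONFIG, "ETH", 4_000, quorum))  # True
    print(authorize_withdrawal(DEMO_CONFIG, "ETH", 4_001, quorum))  # False
```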
The Ronin Network team is working on resolving the root cause and said the fix will undergo thorough audits before it’s voted on and deployed by the bridge operators to ensure that similar incidents won’t reoccur.
The bridge will remain paused and undergo intensive checks before reopening. At the same time, the Ronin Network announced that the current structure will be abandoned for a new solution developed with Ronin validators.
Meanwhile, the white-hats have fully returned the stolen funds and will receive a generous $500,000 bounty for their “forced audit.”
Ronin had previously announced that even if the hackers did not respond positively and kept the stolen amounts, all user funds would be guaranteed, and any losses would be fully reimbursed.
It is unclear if the “researchers” exploited the bug before or after notifying Ronin about the flaw and if they demanded a bug bounty reward to return the money. BleepingComputer contacted Ronin, but our emails remain unanswered.
Ronin bridge’s previous lapses
Axie Infinity’s Ronin network bridge was previously hacked in March 2022 as part of the largest crypto heist in modern history, resulting in the loss of $625,000,000 worth of cryptocurrency.
It was later revealed that the hack was performed by the notorious North Korean hacking group ‘Lazarus Group,’ which used its typical fake job interview social engineering scheme to gain privileged initial access to the target systems.
In that case, no amounts were returned by the hackers, but the law enforcement authorities recovered $30 million in September 2022 and another $5.8 million in February 2023.