No one noticed when hackers stole almost a half-billion dollars in crypto currencies.
That’s the crazy conclusion from the Ronin team’s announcement Tuesday morning that 173,600 ether and 25.5 million USDC stable coins were taken from their network starting March 23. Ronin is an Ethereum sidechain designed for the popular blockchain-integrated game Axie Infinity.
This theft, valued at $615 million, is one of the greatest DeFi losses to date, surpassing the $600 million in crypto stolen in August 2021 by the Poly Network breach.
To make matters worse, according to the official Ronin Network blog post, the lost funds were discovered by a user who was unable to withdraw their own ether.The bridge contract’s ETH and USDC deposits have been drained, according to Tuesday’s blog post. “At this time, Ronin Network users are unable to withdraw or deposit cash.”
Axie Infinity is a popular pay-to-play game in the Philippines, in which players pay real money to gain access to the game in the hopes of collecting tokens that can be exchanged for cash.
Unlike earlier DeFi disasters, the Ronin hack does not appear to be a smart contract vulnerability, indicating that there wasn’t necessarily a defect in the system. Rather, the thieves took a more traditional way, stealing the cryptographic keys from Axie Infinity developer Sky Mavis and “an Axie DAO third-party validator.”
“In order to fabricate false withdrawals, the attacker used hacked private keys,” Ronin explains.
To trace the funds, Ronin claims it’s cooperating with law enforcement and the blockchain analytics firm Chainalysis. As with other public blockchains, such as Bitcoin, it is feasible to see where the stolen funds are as of this writing.
While part of the boosted ether and USDC are on the move, Ronin points out that the majority of the boosted ether and USDC is held in two wallets owned by the hacker or hackers. Some monies have already been sent once more. The initial transfers in question on March 23 are documented in those wallets.
Perhaps a half-billion dollar attack wasn’t enough to set off any internal alarm bells in the exploit-prone world of DeFi. Either that, or the so-called future of finance lacks sufficient alarm bells to sound the alarm.