ETH
by BSCN
August 6, 2024
Blockchain security firm PeckShield reported the exploit, prompting Ronin Network to pause operations to investigate
The Ronin Network, known for its role in play-to-earn games, has been exploited again. This time, over $11.33 million was siphoned off, marking the second significant hack in two years.
The breach was first reported by blockchain security firm PeckShield. They revealed that a Maximal Extractable Value (MEV) bot withdrew Ether (ETH) and USD Coin (USDC) worth $11.33 million from the Ronin Bridge.
#PeckShieldAlert @Ronin_Network #whitehacked? or Hacked? (w/ ~ $9.33M) pic.twitter.com/wfaY0zhVdI
— PeckShieldAlert (@PeckShieldAlert) August 6, 2024
The nature of these transactions remains uncertain, with speculation about whether they were executed by malicious actors or ethical/whitehat hackers aiming to expose vulnerabilities.
White hat hackers often exploit vulnerabilities to demonstrate security flaws, subsequently returning the stolen funds. In this case, Ronin's exploit could lead to funds being returned soon, reducing its impact.
Following the alert, Ronin Network paused its operations.
"Earlier today, we were notified by white-hats about a potential exploit on the Ronin bridge," the network posted on X.
They confirmed the bridge was paused 40 minutes after the first on-chain action was detected. The pause was necessary to prevent further exploitation while the team investigated the breach.
The exploit appears to have been facilitated by an MEV bot, specifically “0x4ab,” which accidentally exploited a loophole in the Ronin Bridge protocol. MEV bots are software tools used by validators to analyze and execute arbitrage opportunities across decentralized finance platforms.
Blockchain data reveals that the MEV bot “0x4ab” executed the transaction, withdrawing a substantial amount of funds. A portion of the funds, about 3.9 Ether, was sent to a wallet known as “beaverbuild.”
Aleksander Leonard Larsen, co-founder and COO of Sky Mavis, the developer behind the Ronin Network, assured users that the protocol’s team had paused operations to investigate the breach. He emphasized that the Ronin Bridge holds more than $850 million in cryptocurrencies, and all assets are currently safe. Larsen promised more information once the team completes a thorough analysis.
This isn't the first time Ronin has been compromised. In March 2022, the network suffered a massive loss of over $615 million in USDC and Ether.
The exploit at that time involved hacked private keys used to forge fake withdrawals from the Ronin Bridge. The attacker exploited a backdoor through the gas-free RPC node, bypassing the network's security measures.
Disclaimer
Disclaimer: The views expressed in this article do not necessarily represent the views of BSCNews. The information provided in this article is for educational and informational purposes only and should not be construed as investment advice. BSCNews assumes no responsibility for any investment decisions made based on the information provided in this article
Latest News
December 9, 2024
SushiSwap Unveils Ambitious 2025 Product Launches, Expanding DeFi Ecosystem
December 9, 2024
Amazon Faces Decision on Bitcoin Investment After NCPPR Proposal
December 7, 2024
Weekly Article Recap: 12/02-12/06
December 6, 2024
Florida Plans Strategic Bitcoin Reserve Using $1.85B from Pension Fund
December 6, 2024
Who is the Upcoming White House AI and Crypto Czar, David Sacks?
December 5, 2024
From Steps to Rewards: How Runwago Changes the Game
December 5, 2024
Who is the Upcoming US SEC Chair Paul Atkins?
December 5, 2024
“Hawk Tuah” Girl’s $HAWK Memecoin Faces Backlash After Allegations of Insider Trading and Sniping