The bridge between Ethereum and gaming-focused Ronin sidechain was halted early Tuesday following another exploit, leading to the loss of approximately $12 million worth of assets—but most of the funds have already been returned.
The incident, described as a potential "MEV exploit," was brought to light early Tuesday by ethical hackers, Ronin co-founder Aleksander Larsen said on Twitter. He reassured users that the bridge, which secures over $850 million in assets, remains safe.
The Ronin account noted that approximately 4,000 ETH and $2 million worth of the dollar-pegged USDC stablecoin were swiped, adding up to about $12 million worth of stolen assets. The damage was limited by safeguards that cap the size of any Ronin withdrawal in a single transaction.
Late Tuesday morning, the Ronin team announced that all of the ETH—approximately $10 million worth—had been returned, and that they expected the USDC to be returned later in the day. Ronin's developers will reward the white hat hackers with a $500,000 reward for reporting the exploit and returning the swiped funds.
Ronin's team blamed a problem with a bridge upgrade launched earlier in the day, which it said "introduced an issue leading the bridge to misinterpret the required bridge operators vote threshold to withdraw funds."
Adrian Hetman, head of triaging at blockchain security firm Immunefi, told Decrypt that bridge upgrades are common avenues for attacks as they can introduce new ways to exploit the connection between chains and steal funds.
"An upgrade introduces a new attack surface and, if implemented without the necessary security measures, could potentially lead to the complete collapse of the project," Hetman said, pointing to 2022's attack of the Nomad protocol as a key example.
In the wide world of crypto, there are now many blockchains specifically designed for gaming—but Ronin was among the first to launch.
Gaming blockchains are typically built to offer low transaction fees and a higher number of potential transactions, so they’re supposed to be more affordable and more scalable than blockchains like Bitcoin and Ethereum. Some gaming chains are also private, meaning that developers must gain approval from a blockchain’s creators in order to join its ecosystem.
Ronin...
In the follow-up tweet, Ronin's developers said that the bridge code will be audited before it's brought back online, and that they intend to work with network validators to "shift operation of the bridge away from the current structure."
Ronin is the gaming-focused network that was originally launched for Axie Infinity, the monster-battling game that racked up billions of dollars' worth of NFT trading volume in 2021. Since then, it has expanded to feature games from other studios besides Sky Mavis, including the popular social farming game Pixels.
As of now, Ronin's native token, RON, appears only modestly affected by the news. While the price did broadly decline in the hours following the attack, RON rebounded slightly and remains up more than 2% over the past day amid a broader market rebound after Monday's plunge. The token is priced at $1.43 as of press time, down 27% over the last week.
Ronin, an Ethereum sidechain developed for the hit NFT game Axie Infinity, has been targeted in a hack that saw an estimated $625 million worth of cryptocurrency drained from its bridge.
Developer Sky Mavis announced the news today, writing that the exploit took place on March 23 but only discovered earlier today. The attacker used “hacked private keys” to execute the exploit, per the team’s report, and thus was able to forge transactions to claim the funds.
All told, the attacker took 173,600 W...
This is not the first time that the Ronin bridge has been compromised. In late March 2022, a major hack resulted in the loss of $622 million from the network in an attack that the U.S. Treasury pinned on North Korea's infamous Lazarus hacking group. The bridge was down for months, but was ultimately revived with added decentralization measures as Sky Mavis refunded affected users.
A more recent February incident, though smaller, saw $9.5 million worth of ETH taken from Ronin wallets, including those of Sky Mavis and Ronin Network co-founder Jeff Zirlin.
Ronin representatives declined further comment to Decrypt following the tweeted statement. A full postmortem report on the attack is expected to be released next week.
By MEV, Larsen was referring to maximum extractable value bots, which are software tools developed to monitor blockchains to find profit opportunities and automatically exploit them through automated transactions. The controversy around MEV bots centers on fairness and network integrity.
Ethereum-based farming game Pixels—the hottest crypto game not built on Telegram—just rolled out a massive Chapter 2 upgrade this week that significantly shakes things up. But you wouldn’t know it at a glance.
“Everybody’s day-to-day inside the game changes pretty drastically,” Pixels founder Luke Barwikowski told Decrypt ahead of the launch.
Pixels retains the charming retro vibe that the game’s own title conveys. And it’s fair to say that the previous gameplay was a hit with many players, attr...
Critics have argued these bots exploit users, increase fees, and centralize power to tech-savvy operators by facilitating front running, sandwich attacks, and back running, among other features. Supporters claim that they provide necessary market efficiency. The debate highlights tensions between profit-seeking behavior and blockchain ideals of equal access.
This incident comes amid growing concerns over the security of blockchain bridges. Immunefi recently reported that over $1.19 billion has been lost due to hacks and fraud in the year to date, marking a 16.3% increase compared to the same period last year. Bridges remain a key avenue for attacks.
"The bridge contains lots of money and is moving large amounts of funds every day," Immunefi's Hetman told Decrypt. "This is a juicy piece of code for any black hat trying to find a way in and steal a portion of it or all of it, the same as for the white hats trying to protect the users and the project. Apply appropriate internal and external procedures to this to make it as secure as possible."
Edited by Stacy Elliott and Andrew Hayward
GG Newsletter
Get the latest web3 gaming news, hear directly from gaming studios and influencers covering the space, and receive power-ups from our partners.
