U.S. markets closed
  • S&P 500

    4,071.70
    -4.87 (-0.12%)
     
  • Dow 30

    34,429.88
    +34.87 (+0.10%)
     
  • Nasdaq

    11,461.50
    -20.95 (-0.18%)
     
  • Russell 2000

    1,892.84
    +11.16 (+0.59%)
     
  • Crude Oil

    80.34
    -0.88 (-1.08%)
     
  • Gold

    1,797.30
    -3.80 (-0.21%)
     
  • Silver

    23.17
    +0.53 (+2.33%)
     
  • EUR/USD

    1.0531
    +0.0002 (+0.02%)
     
  • 10-Yr Bond

    3.5060
    -0.0230 (-0.65%)
     
  • GBP/USD

    1.2296
    +0.0040 (+0.33%)
     
  • USD/JPY

    134.2710
    -1.0350 (-0.76%)
     
  • BTC-USD

    17,026.88
    +87.38 (+0.52%)
     
  • CMC Crypto 200

    404.33
    +2.91 (+0.72%)
     
  • FTSE 100

    7,556.23
    -2.26 (-0.03%)
     
  • Nikkei 225

    27,777.90
    -448.18 (-1.59%)
     

Axie Infinity’s Ronin Network Suffers $625M Exploit

Don't miss CoinDesk's Consensus 2022, the must-attend crypto & blockchain festival experience of the year in Austin, TX this June 9-12.

The latest crypto hack may be the largest yet.

The gaming-focused Ronin network announced Tuesday a loss of over $625 million in USDC and ether (ETH).

According to a blog post published by the Ronin network’s official Substack, the exploit affected Ronin validator nodes for Sky Mavis, the publishers of the popular Axie Infinity game, and the Axie DAO.

An attacker “used hacked private keys in order to forge fake withdrawals” from the Ronin bridge across two transactions, as seen on Etherscan.

While the Ronin sidechain has nine validators requiring five signatures for withdrawals and is meant to protect against these types of attacks, the blog post notes that “the attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.”

The blog post pegged the losses at 173,600 ether and 25.5 million in USDC, currently worth in excess of $625 million.

Back in August 2021, a hacker made off with $611 million in an exploit of cross-chain decentralized finance (DeFi) protocol Poly Network. The vast majority of the funds were returned.

The Ronin attacker’s Ethereum address is a fresh address that transferred ETH in from the Binance exchange one week ago. Etherscan records show that the attack took place last Wednesday.

The majority of the funds remain in the attacker’s address, though 6,250 ETH has been transferred to various other addresses.

The Ronin Bridge and the Katana automated market maker (AMM) have both been paused while investigations are ongoing.

“We are working directly with various government agencies to ensure the criminals get brought to justice,” the blog notes.

The price of RON, the native token of the Ronin network, is down 27% on the news, according to CoinGecko.

UPDATE (March 29, 16:20 UTC): Adds price of RON.