Sky Mavis’s Ronin Network updates its community on plans to reopen the network after the security breach it experienced in March resulting in the loss of assets worth about $600 million.
Ronin Network Bridge is Being Redesigned and Funds Restored
Blockchain Journal reported the incident in March that Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were compromised resulting in 173,600 Ethereum and 25.5M USDC drained from the Ronin bridge.
According to the update from the network’s blog, the hackers have been identified and all the user funds are in the process of being restored to their wallets. However, the network faced a situation like this because they did not have a proper tracking system for monitoring the bridge’s outflows which delayed them from discovering the breach on time.
The update stated, the bridge attacker managed to get control over five of the nine validator private keys — 4 Sky Mavis validators and 1 Axie DAO — in order to forge fake withdrawals. This resulted in 173,600 Ethereum and 25.5M USDC drained from the Ronin bridge in two transactions.
After all, the Ronin team has promised an upgrade in the designs of the network structure to prevent further security concerns in the future being confident that the upgrade will stand the test of time.
“We initially expected to be able to deploy the upgrade by the end of April, but this is not a process that we can afford to rush. The bridge will secure billions of dollars in assets, and it needs to be done right. If all goes as planned the bridge will reopen in mid/late May.” Ronin’s Newsletter Stated.
Discoveries About the Hack
The Newsletter gave further details about the hack, saying that the Sky Mavis employees are under constant advanced spear-phishing attacks on various social channels and one of their employees was compromised. “The employee no longer works at Sky Mavis. The attacker managed to leverage that access to penetrate Sky Mavis IT infrastructure and gain access to the validator nodes.”
“We now know that the FBI has attributed North Korea-based Lazarus Group, highly skilled hackers, to the Ronin Validator Security Breach. The US Government, specifically the Treasury Department, has sanctioned the address that received the stolen funds.” Ronin’s letter said.
“We are so grateful for every law enforcement official we have engaged with to help us identify the hackers and our focus now is to ensure this never happens again by implementing the strongest security measures.”
TOP 10 CRYPTOCURRENCY
|#||Name||Price||Market Cap||Change||Price Graph (24h)|