Date: 2022-03-29

Hackers stole more than $615 million worth of ether and USDC from the Ronin Network, a sidechain of the Ethereum blockchain.

Ronin Network developers discovered the hack Tuesday morning, six days after the theft, when a user reported being unable to withdraw their money from the Ronin bridge.

The stolen funds amounted to $540 million at the time of the attack but had increased in value to $615 million as of Tuesday, making it the second-largest theft seen in the crypto sector.

The Ronin Network, a sidechain of the Ethereum blockchain, is used primarily as the payment rails for the popular play-to-earn game Axie Infinity, offering game players cheaper transaction fees.

According to a blog post from the Ronin Network, the theft occurred on March 23, when the attackers used hacked private keys to “forge fake withdrawals” through a backdoor route, draining 173,600 ether (ETH) and 25.5M of the stablecoin USD Coin (USDC).

Blockchains use validator nodes to verify, vote on and maintain a record of transactions. Ronin consists of nine different validator nodes. To recognize a withdrawal or deposit, five out of the nine nodes must give a signature of approval.

Per the Ronin Network, attackers gained a signature through a backdoor loophole offered by the play-to-earn game’s decentralized autonomous organization (DAO).

“This traces back to November 2021 when [Axie creator] Sky Mavis requested help from the Axie DAO to distribute free transactions due to an immense user load. The Axie DAO allowlisted Sky Mavis to sign various transactions on its behalf. This was discontinued in December 2021, but the allowlist access was not revoked,” the authors of the report wrote.
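The five-of-nine approval rule and the unrevoked allowlist described above lend themselves to a routine audit. The following is an added example, not code from the article, Ronin or Sky Mavis: it flags signing delegations that outlived their purpose, flags any single party able to reach quorum alone, and counts how few parties must be compromised to forge an approval. The validator and operator names, the delegation record and the dates are constructed sample data.

```python
from collections import defaultdict
from datetime import date
from itertools import combinations

THRESHOLD = 5  # approvals required out of nine validators, per the article

# Constructed sample data: validator id -> party that holds its signing key.
VALIDATORS = {"v1": "operator-a", "v2": "operator-a", "v3": "operator-a",
              "v4": "operator-a", "v5": "dao", "v6": "operator-b",
              "v7": "operator-c", "v8": "operator-d", "v9": "operator-e"}

# Constructed sample data: a temporary grant that was never revoked.
DELEGATIONS = [{"validator": "v5", "grantee": "operator-a",
                "needed_until": date(2021, 12, 31), "revoked": False}]

def effective_control(validators, delegations):
    """Map each party to every validator it can obtain a signature from."""
    control = defaultdict(set)
    for validator, owner in validators.items():
        control[owner].add(validator)
    for d in delegations:
        if not d["revoked"]:  # an unrevoked grant still works, used or not
            control[d["grantee"]].add(d["validator"])
    return control

def audit(validators, delegations, threshold, today):
    """Return findings for stale grants and single-party quorum."""
    findings = []
    for d in delegations:
        if not d["revoked"] and d["needed_until"] < today:
            findings.append(("stale-delegation", d["validator"], d["grantee"]))
    control = effective_control(validators, delegations)
    for party in sorted(control):
        if len(control[party]) >= threshold:
            findings.append(("single-party-quorum", party, len(control[party])))
    return findings

def min_parties_for_quorum(validators, delegations, threshold):
    """Smallest number of parties whose compromise yields a quorum."""
    control = effective_control(validators, delegations)
    for k in range(1, len(control) + 1):
        for combo in combinations(sorted(control), k):
            if len(set().union(*(control[p] for p in combo))) >= threshold:
                return k
    return None  # quorum unreachable with the listed validators

if __name__ == "__main__":
    print(audit(VALIDATORS, DELEGATIONS, THRESHOLD, date(2022, 3, 23)))
    print(min_parties_for_quorum(VALIDATORS, DELEGATIONS, THRESHOLD))
```

Marking the sample grant as revoked clears both findings and raises the minimum number of parties an attacker must compromise from one to two.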

The Ronin Network said it is working with law enforcement as well as the blockchain forensics firm Chainalysis, and has taken the necessary steps to guard against future security breaches that could occur by the same route.

“As of right now users are unable to withdraw or deposit funds to Ronin Network. Sky Mavis is committed to ensuring that all of the drained funds are recovered or reimbursed,” the authors of the blog concluded.

The stolen funds, which were taken in two transactions, have been traced back to the hacker’s digital wallet. According to developer Kelvin Fichter, some of the ether has been deposited into accounts on the crypto exchange FTX.

FTX founder and CEO Sam Bankman-Fried has acknowledged the discovery and said on Twitter that his team is investigating.

Since the Ronin Network announced the theft, its native cryptocurrency, Ronin (RON), has fallen 21% on the day from $2.30 to $2.24 per coin, according to Coinmarketcap.

Last year, attackers stole a total of $3.2 billion in cryptocurrency from investors, according to a report from Chainalysis. Before Ronin, the largest hack of 2022 so far was the $325 million theft through a flaw in Wormhole, a cross-chain bridge that allows users to transfer assets between the Ethereum and Solana blockchains.

Jump Trading, an early developer of the Wormhole bridge project, compensated investors for the stolen funds.

