The crypto-community is suffering another theft worth 540 million euros

Another theft of cryptocurrencies in the world of cryptocurrencies. This time, the Ronin platform was hit. This acts as a “bridge” between electronic currencies. The case is valued at more than 540 million euros.

Time goes by and the news about cryptocurrencies also remains marked by the theft of cryptocurrencies. The latest case, which was published in late March 2022, is the one from the Ronin network. On March 29, the platform released a press release acknowledging a major burglary that resulted in the loss of hundreds of thousands of ethers (ETH).

A security breach has occurred on the Ronin network. Earlier today, we discovered that on March 23, Sky Mavis’ Ronin validator nodes and Axie DAO validator nodes were compromised, resulting in the withdrawal of 173,600 ethers and 25.5 million ethers. USDC by Ronin Bridge in two transactions says Ronin in his post.

The amounts at stake are significant. The value of a single ether today reaches just over 3,000 euros. A trade of 173,600 ethers therefore corresponds to more than 520 million euros at the current price. As for the 25.5 million USDC, they are worth $ 25.5 million (slightly less than 23 million euros) because the price of the USDC is indexed to the US dollar.

USDC (US Dollar Coin) is what is also called a stablecoin because its price is less subject to strong upward or downward variations as it depends on a currency that is legal tender. USDC is starting to be taken into consideration, just like with Visa. In French, we translate stablecoin with “indexed cyberjet”. Ethereum, on the other hand, is not a stack coin.

Deceived verification nodes

Ronin’s statement provides details on how the assailant handled it. It seems that the transaction validation system, which is based on nine nodes, has been deceived. To allow an operation, the validation chain must contain at least five out of nine signatures. And exactly, the attacker managed to capture four nodes plus a third node.

The attacker managed to take control of Sky Mavis’ four Ronin validators and a third-party validator powered by Axie DAO writes Ronin. Sky Mavis is the name of an American company that publishes the game Axie Infinity in which one can earn cryptocurrency. The game requires you to have ethers, such as buying on Coinbase or Binance, and then using them in the game.

The Axie Infinity game. // Source: Sky Mavis

To feed a Ronin wallet, the name given by Sky Mavis to the space used to store its digital objects and currencies, you must deposit ether from its Binance or Coinbase exchange platform using your ethereum address. For this, Sky Mavis provides a “bridge” to connect the Ethereum network to Ronin.

It is precisely at this bridge that the attack was carried out. It is a key segment of the world of cryptocurrencies as it participates in the circulation of electronic currencies and their exchange from one crypto to another. Clearly, they ensure some interoperability between blockchains, such as switching from bitcoins to ethers.

The sensitivity of the bridges was seen earlier this year with yet another rupture, this time affecting the Wormhole platform. Wormhole acts as a bridge and was deprived of $ 323 million (approximately 289 million euros) in February. The platform is a cog in the ecosystem that connects Ethereum, Solana, Terra and Binance Smart Chain.

In the case of Ronin, hacked private keys were implemented during the hack to generate fake withdrawals and circumvent the provisions that were precisely intended to prevent any fraudulent action. The attacker found a back door from which he was able to get the signature from the third-party node and complete his theft.

Outbreak in Crypto Continue

It was somewhat coincidental that the problem was discovered by Ronin. It actually required a report on a user who failed to pull 5,000 ethers off the bridge (representing a transaction of about 15 million euros) to discover the pot of roses. This explains the difference of several days between the attack (March 23) and the communication (March 29).

We work with law enforcement, forensic cryptographers and our investors to ensure that all funds are recovered or reimbursed. All AXS, RON and SLP on Ronin are secure “, Develops the press release. Exchanges also take place with Sky Mavis investors to return the funds to injured Internet users.

These digital robberies are experiencing a certain boom given the very significant gains that it is possible to achieve. The amounts mentioned in recent months are enough to make you dizzy: 120 million stolen from BadgerDAO in December, 150 million lost on BitMart the same month, 600 million from Poly Network, but also Crypto.com, Bitfinex and even NFTs.

High-flying hacking operations are not the only ones used to try to steal cryptocurrencies. Cases of website hijacking have also been reported to deceive internet users (the bitcoin.org website was a victim), as well as incidents of fake ads being broadcast through the Google Network.

Further

How to steal cryptocurrencies?  // Source: Pxhere

Leave a Comment