The Ronin Bridge, a crucial link between crypto assets and the Ronin Network, which is widely used by Axie Infinity and other gaming projects, has experienced yet another security breach. Although this incident was significantly smaller in scale than the $625 million theft that rocked the platform in March 2022, it still raised concerns within the crypto community.
The breach stemmed from a flaw in the bridge code that was introduced during a recent update, specifically related to how transactions were confirmed. The vulnerability allowed potential exploiters to target the bridge, but thanks to the quick actions of whitehat hackers and MEV (Maximal Extractable Value) bots, most of the stolen funds were secured before falling into malicious hands.
Approximately $12 million in ETH and USDC was taken during this breach — the maximum amount possible before a safety feature in the code was triggered. Remarkably, the majority of these funds were retrieved by whitehats, who acted swiftly to prevent further losses.Later that day, Ronin Network announced that the recovered ETH, valued at around $10 million, had been returned, with the USDC also in the process of being recovered.
To recognize the efforts of the whitehats, Ronin offered a $500,000 bug bounty as a reward for their vigilant actions.Following the detection of the flaw, the Ronin Bridge was promptly taken offline to prevent further exploitation. The Ronin team has since confirmed that the bridge will undergo a thorough audit before being brought back online to ensure the security and integrity of the network.
FAQ
What is the Ronin Bridge?
The Ronin Bridge connects crypto assets to the Ronin Network, which is used by projects like Axie Infinity.
What caused the breach?
A flaw introduced in a recent code update allowed potential exploiters to target transactions on the Ronin Bridge.
How much was stolen in the breach?
Approximately $12 million in ETH and USDC was taken during the breach.
Who recovered the stolen funds?
Whitehat hackers and MEV bots were able to secure and return most of the stolen funds.
What steps is Ronin taking to prevent future breaches?
The Ronin Bridge was taken offline for a thorough audit, and it will only be brought back online once its security is fully ensured.