KEYTAKEAWAYS
- Ronin Network suffers $9.8M ETH loss in suspected white hat hack.
- MEV bot extracts funds; Axie Infinity deployer confirms incident.
CONTENT
A recent exploit on the Ronin Network resulted in the theft of 3,996 ETH, valued at $9.8 million. Blockchain security firm PeckShield reported the incident, suggesting a potential white hat hacker involvement.
In a recent cybersecurity incident, the Ronin Network experienced a significant loss of 3,996 Ether (ETH), equivalent to approximately $9.8 million. The exploit, reported by blockchain security firm PeckShield on August 6, has raised concerns about potential vulnerabilities within the network.
Earlier today, we were notified by white-hats about a potential exploit on the Ronin bridge. After verifying the reports, the bridge was paused approximately 40 minutes after the first on-chain action was spotted.
The actors withdrew ~4K ETH and 2M USDC, valued at ~$12M, which…
— Ronin (@Ronin_Network) August 6, 2024
The incident bears similarities to a previous case earlier this year when a hacker returned $71 million worth of stolen cryptocurrency after exposing a substantial security flaw. This pattern suggests the possibility of a white hat hacker involvement – an ethical hacker who may return the stolen funds after identifying and demonstrating the security vulnerability.
According to blockchain data, the exploit involved a maximal extractable value (MEV) bot identified as “0x4ab”. MEV bots are tools commonly used by validators in decentralized finance (DeFi) to identify and capitalize on arbitrage opportunities. In this instance, the bot executed a transaction that extracted $9.8 million from the Ronin bridge. Subsequently, the bot transferred 3.9 ETH to a wallet known as “beaverbuild” (“0x952”).
Cyvers, a blockchain security firm, confirmed in an August 6 post on X (formerly Twitter) that the hack originated from an MEV bot. This information was corroborated by a message sent to the address by the deployer of the Axie Infinity contract, further validating the nature of the incident.
🚨ALERT🚨Our system has detected a suspicious transaction involving @AxieInfinity
A #MEV bot has withdrawn around 4K $ETH $9.85M!
It seems that team has paused the protocol at https://t.co/PuhMBjvoO3
Funds currently parked at https://t.co/MAIQyrd0SVWant to keep your company… pic.twitter.com/VKniilP4uF
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) August 6, 2024
This event adds to the growing list of cryptocurrency hacks in 2024. The first quarter of the year alone saw $542.7 million worth of stolen funds, marking a 42% increase compared to the same period in 2023. July was particularly notable for several high-profile attacks, including a $230 million theft from WazirX, an Indian cryptocurrency exchange. The WazirX hacker has since moved $57 million worth of ETH to new addresses, highlighting the ongoing challenges in tracking and recovering stolen digital assets.
>> Also read: WazirX to Distribute $230 Million Hack Loss Among Users, Sparking Controversy
The Ronin Network exploit underscores the persistent security challenges faced by the cryptocurrency industry. As digital assets continue to gain popularity and value, they increasingly become targets for sophisticated cyber attacks. This incident serves as a reminder of the critical importance of robust security measures and continuous vigilance in the rapidly evolving blockchain ecosystem.
While the involvement of a white hat hacker offers a glimmer of hope for the potential return of the stolen funds, it also highlights the need for proactive security audits and improvements in blockchain networks. As the investigation continues, the cryptocurrency community eagerly awaits further developments and potential insights into preventing similar exploits in the future.
>> Also read: 4 Most Common Crypto Scams And How To Avoid Them
