The Ronin network suffered a hack last week that resulted in the loss of more than $600 million in cryptocurrency.
The Ronin sidechain was created by Sky Mavis, the company that developed the popular Axie Infinity game.
The developers said the exploit occurred on March 23, but was discovered on Tuesday. It resulted in the loss of 1,73600 ETH (worth approximately $590 million) and $25.5 million in stabelcoins. Specifically, five of the nine validators on the Ronin network were attacked and were under the control of the attackers.
“Five validator private keys were compromised: 4 Sky Mavis validators and 1 Axie DAO. The validator key scheme is set up to be decentralized to limit an attack vector like this, but the attacker found a backdoor through our gasless RPC node, which they abused to get a signature for the Axie DAO validator. After the attacker gained access to Sky Mavis systems, they were able to get a signature from the Axie DAO validator using a gasless RPC,” the developers stated.
The developers said they discovered the security breach on March 29 after a report that a user was unable to withdraw 5,000 ETH from the bridge.
According to the report, most of the stolen funds are stored at this Ethereum address. Etherscan tagged the address as “involved in the Ronin bridge hack.”
“We are working directly with various government agencies to ensure that the criminals are brought to justice,” the team stated.