Original | Odaily Planet Daily (@OdailyChina)
Author | Asher (@Asher_0210)
Yesterday afternoon (August 6), according to Pionex monitoring, the game blockchain Ronin was suspected to have been hacked, with approximately 4000 ETH and 2 million USDC stolen, worth about $12 million.
Stolen approximately 2 million USDC
Ronin stolen again? The first reaction of various communities was more disbelief, "Everyone is looking forward to the Ronin ecosystem going online again with hit games like Pixels, how could a theft happen at this time?" Some even joked, "Can we take advantage of the low price to buy, after all, they are unlikely to encounter two attacks within a year!"
After the theft incident spread rapidly in the community, the price of RON further declined from its original downward trend, dropping to a low of $1.25, with a short-term decline of over 8%.
Source: coingecko
Team's immediate response: Ronin Bridge temporarily suspended, more information to be released later
In response to community concern that the Ronin Bridge had been attacked, Ronin COO Psycheout immediately posted on the X platform that the Ronin Network bridge had been temporarily suspended while the team investigated a white-hat hacker's report of a potential MEV vulnerability. He said the team would release more information soon and stressed that the Ronin bridge currently secures over $850 million in funds.
Ronin COO's response to the theft incident
At the same time, Ronin also posted on X platform, stating that earlier today, a white-hat notified Ronin of a potential vulnerability. After verifying the report, the Ronin bridge was paused approximately 40 minutes after the first on-chain operation. The attacker withdrew approximately 4000 ETH and 2 million USDC, worth about $12 million. This is the maximum amount of ETH and USDC that can be withdrawn in a single transaction from the bridge, and the bridge limit is an important safeguard to enhance the security of large fund withdrawals and effectively prevent further damage caused by this vulnerability.
Ronin stated that due to an issue introduced by a bridge upgrade after deployment through the governance process, the cross-chain bridge misunderstood the bridge operator voting threshold required to withdraw funds. Efforts are currently underway to find a solution to the root cause, and the bridge update will undergo strict review before being voted on by bridge operators for deployment. Negotiations are currently underway with these seemingly white-hat hackers, who have responded in good faith. Regardless of the negotiation outcome, all user funds are secure, and any shortfall funds will be re-deposited when the bridge reopens. Results of the post-incident analysis will be shared next week, including technical details and planned measures to prevent similar incidents in the future.
Vulnerability cause: the Ronin Bridge's vote weight was left at an unexpected value, allowing funds to be withdrawn without multi-signature approval
After the theft incident, according to the analysis by the Beosin security team, the root cause of this abnormal behavior was that when the project upgraded the contract, it did not properly initialize the operator weight required for cross-chain transaction confirmation, causing the minimumVoteWeight parameter in the contract to be zero, allowing anyone's signature to pass cross-chain verification. Currently, 3996 ETH has been lost from the Ronin bridge, and the funds are stored in 0xc6aec68dd6272efcbc74fb5308fe7f070437465e (this address is an MEV bot, so it is speculated that it may be white-hat behavior).
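The Beosin finding above (a threshold parameter left at zero after an upgrade, so that any signature set clears the check) and the per-transaction withdrawal cap that Ronin credits with limiting the damage are both easy to model and test for. The following Python is an added, hypothetical model written for this article; it is not Ronin's or Beosin's code, and the operator names, the `minimum_vote_weight` and `per_tx_limits` fields and the 4000 ETH / 2,000,000 USDC caps are constructed values shaped like the figures the article reports. It shows the flawed check beside a hardened one that refuses to verify against an uninitialised threshold, plus the invariants an upgrade test or post-deployment assertion should run.

```python
"""Model of a multi-operator bridge withdrawal check (hypothetical example, not Ronin's code)."""
from typing import Callable, Dict, Iterable, List


class BridgeError(Exception):
    """Raised when a withdrawal or verification must be refused."""


class BridgeState:
    """Operator set, vote threshold and per-token withdrawal caps (constructed model)."""

    def __init__(self, operator_weights: Dict[str, int], minimum_vote_weight: int,
                 per_tx_limits: Dict[str, int]) -> None:
        self.operator_weights = dict(operator_weights)
        self.minimum_vote_weight = minimum_vote_weight
        self.per_tx_limits = dict(per_tx_limits)

    def total_weight(self) -> int:
        return sum(self.operator_weights.values())

    def signed_weight(self, signers: Iterable[str]) -> int:
        # Unknown signers contribute 0 weight, exactly as an operator lookup would.
        return sum(self.operator_weights.get(s, 0) for s in signers)


def vulnerable_verify(state: BridgeState, signers: List[str]) -> bool:
    """The failure mode described in the article: the only gate is weight >= threshold.
    If an upgrade leaves minimum_vote_weight at 0, every signer set passes, even an empty one."""
    return state.signed_weight(signers) >= state.minimum_vote_weight


def upgrade_invariants(state: BridgeState) -> List[str]:
    """Sanity checks for an upgrade test suite and a post-deployment assertion.
    Returns the violated invariants; an empty list means the configuration is usable."""
    violations: List[str] = []
    if not state.operator_weights:
        violations.append("no operators registered")
    if state.minimum_vote_weight <= 0:
        violations.append("minimum_vote_weight is zero: any signature set would pass")
    if state.minimum_vote_weight > state.total_weight():
        violations.append("minimum_vote_weight exceeds total operator weight: bridge would be frozen")
    for token, limit in state.per_tx_limits.items():
        if limit <= 0:
            violations.append(f"per-transaction limit for {token} is not positive")
    return violations


def hardened_verify(state: BridgeState, signers: List[str]) -> bool:
    """Same threshold rule, but refuses to run on a broken configuration and
    rejects unknown or duplicated signers before counting weight."""
    if upgrade_invariants(state):
        raise BridgeError("refusing to verify against an uninitialised or inconsistent threshold")
    if len(set(signers)) != len(signers):
        raise BridgeError("duplicate signer in vote")
    unknown = [s for s in signers if s not in state.operator_weights]
    if unknown:
        raise BridgeError(f"unknown signer(s): {unknown}")
    return state.signed_weight(signers) >= state.minimum_vote_weight


def authorize_withdrawal(state: BridgeState, signers: List[str], token: str, amount: int) -> bool:
    """Defense in depth: the per-transaction cap is enforced independently of the vote."""
    if amount <= 0:
        raise BridgeError("amount must be positive")
    limit = state.per_tx_limits.get(token)
    if limit is None or amount > limit:
        raise BridgeError(f"{amount} {token} exceeds the per-transaction limit")
    if not hardened_verify(state, signers):
        raise BridgeError("insufficient operator weight")
    return True


def is_refused(fn: Callable[..., object], *args: object) -> bool:
    """True if the call is rejected with BridgeError (keeps the checks below readable)."""
    try:
        fn(*args)
    except BridgeError:
        return True
    return False


# Constructed states: a healthy bridge and one whose upgrade left the threshold at zero.
OPERATORS = {"op-1": 1, "op-2": 1, "op-3": 1}
LIMITS = {"ETH": 4000, "USDC": 2_000_000}  # illustrative caps shaped like the article's figures
HEALTHY = BridgeState(OPERATORS, minimum_vote_weight=2, per_tx_limits=LIMITS)
AFTER_BAD_UPGRADE = BridgeState(OPERATORS, minimum_vote_weight=0, per_tx_limits=LIMITS)

if __name__ == "__main__":
    print("flawed check, zero threshold, no signers:", vulnerable_verify(AFTER_BAD_UPGRADE, []))
    print("invariant violations after bad upgrade:", upgrade_invariants(AFTER_BAD_UPGRADE))
    print("hardened check refuses:", is_refused(hardened_verify, AFTER_BAD_UPGRADE, ["nobody"]))
    print("healthy 2-of-3 withdrawal:", authorize_withdrawal(HEALTHY, ["op-1", "op-2"], "ETH", 4000))
```

The point of `upgrade_invariants` is that it runs before any vote is counted: a threshold of zero is a configuration bug, not a valid vote, so the bridge should refuse to verify rather than silently pass. The per-transaction cap sits outside the vote logic entirely, which is why it still bounds the loss when the vote logic itself is wrong.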
Ronin bridge vulnerability analysis
The silver lining is that the attacker on Ronin this time was indeed a white-hat hacker. According to the information Ronin released on the X platform, the white-hat has returned approximately $10 million worth of ETH and 2 million USDC, and Ronin stated that its bug bounty program will pay the white-hat a $500,000 bounty. The Ronin bridge will undergo an audit before reopening, with updates provided as the audit progresses.
Ensuring fund security is always the top priority
The theft incident at Ronin this time has triggered strong negative emotions in the community, mainly because the Ronin chain has been attacked by hackers multiple times before, further intensifying everyone's sensitivity and panic about security issues. Fortunately, this incident only involved an attack by a white-hat hacker, and the user funds on the Ronin chain are safe.
However, according to a recent report released by the blockchain intelligence company TRM Labs, the amount of cryptocurrency stolen by hackers in the first half of 2024 was more than twice that in the first half of 2023 in terms of US dollar value. Data shows that as of June 24 this year, the total amount of stolen cryptocurrency reached $1.38 billion, compared to $657 million in the same period in 2023. The five largest hacking incidents so far this year accounted for 70% of the total amount stolen. It can be seen that with the rapid development of the Web3 industry, the amount stolen has significantly increased. Therefore, ensuring fund security is always the top priority for both users and projects. For projects, a single theft can lead to a large loss of real users; for users, a theft may mean "working for nothing for a year."