Hacksy Infinity

Market Meditations | March 30, 2022

It’s the biggest DeFi hack of all time and nobody noticed for nearly a week.

Seven days ago over $600 million dollars worth of crypto assets were drained from the Ronin network and are largely sitting untouched. But there has been some movement of funds:

  • It was only yesterday when a user tried to withdraw 5000 ETH that the Ronin team noticed that the bridge contract had been exploited.
  • In a community alert, the network supporting Axie Infinity announced that 173,600 ETH and 25.5M USDC had been stolen and that they were halting the Ronin bridge and Katana DEX contracts.
  • The exploiters managed to get access to five of the nine validator nodes required to confirm a transaction and generated a forged withdrawal to their wallets.
  • They used hacked private keys to access four of the nodes run by parent company Sky Mavis, and then exploited a backdoor in some old code to access a node run by Axie DAO.
  • All of the USDC was converted to ETH via UniSwap and about $20 million of ETH has been moved out of the original wallet, mostly sent to Huobi and FTX exchanges.
  • The team is now working with law enforcement, forensic cryptographers and investors to try to recover and reimburse funds. None of the AXS, RON or SLP has been exploited, although their values have taken a 10-20% tumble following the news.

It remains to be seen whether the funds will be recovered or not. A leveraged short and a white hat bounty might have been the aim all along. Unless of course, it’s Lazarus again…