Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
Axie Infinity sidechain Ronin Network issued a community alert today. Ronin Network experienced a security breach. Ronin bridge 17.36w ETH and 25.5M USDC were stolen, with a loss of more than 610 million US dollars. As stated by the Ronin developers, the attacker used the hacked private key to forge fake withdrawals, pulling funds out of the Ronin bridge in just two transactions. It is reported that this incident is suspected to be related to the North Korean hacker group Lazarus Group. Attack method (per SlowMist): Private Key Leakage. Reported loss: $ 610,000,000.
- chain
- —
- protocol
- Ronin Network
- bug_class
- private-key
- date_occurred
- 2022-03-29
- loss_usd
- $610,000,000
- source_id
- sm:ronin-network::2022-03-29