Sky Mavis announced that Norwegian authorities have recovered and returned .7 million in digital assets stolen during the Ronin bridge incident. The Web3 game developer stated that an additional million in digital assets is currently frozen. However, the company cannot predict when it will be able to recover and return these funds. FBI Involved […]
Bitcoin News
Ronin Plunges Nearly 30% After Binance Debut, Raising Concerns About Pre-Listing Hype
Ronin (RON), the token powering the Ronin Network, experienced a rollercoaster ride in the past 24 hours, rallying to a two-year high before crashing nearly 30% after its listing on Binance. This dramatic price swing has raised questions about potential market manipulation and the long-term viability of the project.
From Hero To Zero: A Short-Lived Rally
On February 5th, RON enjoyed a meteoric rise, surging 15% to reach a peak of .54. This rally was fueled by investor optimism surrounding the network’s growing user base and address activity. Trading volume spiked to million, signifying increased market participation.
However, the euphoria was short-lived. Coinciding with the Binance listing announcement, the price began a precipitous decline five hours after trading commenced on the exchange. By today, RON has shed nearly 30% of its value, currently trading at .54. This drop marks a breach of the crucial support level, which the token had recently reclaimed after 14 months.
Negative Sentiment And Selling Pressure Mount
Social media sentiment surrounding RON mirrored the price action. Santiment data (chart below) reveals a 250% increase in social volume within 24 hours, but with a concerning shift towards bearishness. Negative sentiment spiked from 0.87 to 5.58, reflecting growing investor concerns.
This negativity translated into significant selling pressure, with 24-hour trading volume soaring 275% to 3 million. Market participants, eager to offload their holdings, contributed to the downward spiral.
Binance Under Scrutiny: Pump And Dump Allegations
The timing of the price surge and subsequent crash has fueled speculation of a “pump and dump” scheme, with some accusing Binance of complicity. While no concrete evidence has surfaced, Yi He, Binance’s co-founder, acknowledged the concerns and announced a million bounty program to expose any corrupt employees involved in such activities.
Future Uncertain: A Cautious Outlook
Despite the recent setback, RON still stands at a 23-month high compared to February 2022. However, the future remains uncertain. The sharp drop, shifting sentiment, and potential manipulation allegations have cast a shadow over the project’s prospects.
Featured image from Adobe Stock, chart from TradingView
Lone Survivor: Ronin (RON) Rallies 20% As Top 100 Cryptos Bleed
Today’s surge in the price of RON has caught the attention of the cryptocurrency market, with the Ronin token going up by more than 200% in the last month.
In its first nine months, Ronin has racked up 250,000 unique daily active addresses, billion in total value locked (TVL), over 2 million wallet downloads, and 15% of all NFT transactions on the market.
Its DEX Katana is the second-most popular decentralized exchange by weekly active users and allows for millions of in-game transactions.
Ronin: Gaming Blockchain Thrives Amidst Market Turmoil
Ronin (RON) is a blockchain designed for gaming that has gained significant traction in the cryptocurrency market. Launched by Sky Mavis, the creator of Axie Infinity, Ronin is tailored to optimize near-instant transactions and negligible fees, making it an ideal choice for Web3 games.
At the time of writing, RON was down a measly 0.2% in the last 24 hours, however it sustained an impressive 20% rally in the last seven days, emerging as the lone survivor in today’s crypto carnage, data from Coingecko shows.
A look at the chart shows the top 10 cryptocurrencies bathed in crimson, with Bitcoin leading the top losers with a nearly 7% loss. Down below, in the 98th spot, is Ronin with a solid gain in the weekly timescale.
In the face of broader fluctuations and uncertainties within the cryptocurrency landscape, RON has not only weathered the storm but has also demonstrated a noteworthy ascent in value.
This commendable performance positions it as an outlier, defying the broader trends that have impacted various digital assets. Investors and observers alike may find solace in the relative stability and positive trajectory exhibited by RON during a time when many other cryptocurrencies experience heightened volatility.
However, it’s important to note that the cryptocurrency market remains inherently unpredictable, and the coming weeks and months promise to be compelling for Ronin followers eagerly awaiting the cryptocurrency’s next moves.
Ronin Blockchain Crypto Wallet Update
Meanwhile, Sky Mavis has revealed an update for the cryptocurrency wallet on the Ronin blockchain. Support for multi-party computation (MPC), an in-app web browser, multichain support, and a redesigned look are among the new features.
Currently supported by the Ronin wallet are Polygon, Ethereum, and Binance’s BNB Chain. With the most recent update, customers can utilize a single wallet to manage and move assets across many blockchain networks.
Users can access decentralized apps (dApps) and communicate with blockchain-based services straight from the wallet using the latest Ronin wallet version’s in-app web browser.
Featured image from Shuttertsock
Are A Fake Job Offer And A .Pdf Responsible For The Axie Infinity/ Ronin Hack?
The latest report on the Axie Infinity/ Ronin bridge hack is too good to be true. Especially considering the FBI claims a North Korea-sponsored hacking group is responsible for it. “A senior engineer at Axie Infinity was duped into applying for a job at a company that, in reality, did not exist,” The Block reports. That’s not all, apparently, the hackers’ spyware got into the system through a simple .pdf file. Unbelievable that a 2M hack started that way.
The Ronin Network is an Ethereum sidechain that exclusively serves Axie Infinity. Both a billion-dollar business and a fun app with a thriving internal economy and an international audience, the play-to-earn game was one of the bull market’s biggest success stories. Sky Mavis is the studio behind Axie Infinity. And one of its programmers apparently fell victim to the simplest social engineering trick in the book.
According to surveillance firm Chainalysis, North Korea-sponsored hackers stole over 0M in 2021 alone. And according to the FBI, they’re responsible for the Axie Infinity/ Ronin hack. The alphabet agency traced the funds to wallets associated with North Korean hacking group Lazarus. Does The Block’s article complete or negate this version of the story? It’s hard to see North Koreans pulling a stunt quite like this.
In any case, at the time the FBI was extremely clear in a statement quoted here:
“Through our investigation we were able to confirm Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of 0 million in Ethereum reported on March 29th.”
If true, they broke their 2021 record with just one operation.
How Did The Axie Infinity/ Ronin Hack Happen?
The hack’s supposed story is hilarious, to say the least. According to The Block:
“Earlier this year, staff at Axie Infinity developer Sky Mavis were approached by people purporting to represent the fake company and encouraged to apply for jobs, according to the people familiar with the matter.”
After several rounds of interviews, one of Sky Mavis’ developers got an extremely generous offer. He opened up Pandora’s box and all hell broke loose.
“The fake “offer” was delivered in the form of a PDF document, which the engineer downloaded — allowing spyware to infiltrate Ronin’s systems. From there, hackers were able to attack and take over four out of nine validators on the Ronin network — leaving them just one validator short of total control.”
To complete the attack, they took control of another entity. Once upon a time, “the Axie DAO allowlisted Sky Mavis to sign various transactions on its behalf.” The permissions were still valid and the hackers took advantage of them. The Ronin bridge’s operators’ post-mortem on the attack describes the fallout.
“The attacker managed to get control over five of the nine validator private keys — 4 Sky Mavis validators and 1 Axie DAO — in order to forge fake withdrawals. This resulted in 173,600 Ethereum and 25.5M USDC drained from the Ronin bridge in two transaction”
Did Lazarus’ operators orchestrate such a Hollywoodesque attack? Or does the comedic modus operandi implicate other perpetrators?
AXS price chart on FTX | Source: AXS/USD on TradingView.com
Previous Coverage Of The Ronin Hack
Let’s turn to archival material to complete the story and add extra detail. When the breach happened, NewsBTC described it as:
“On March 23, cybercriminals exploited The Ronin Bridge Network, and the hackers looted over 5 million worth of assets. The assets comprise 25.5 million USDC and over 173,600 ether. A report on their blog revealed this data.”
Then, we reported on Axie Infinity and Sky Mavis’ first solution to the problem:
“The latest move announced is a million bug bounty program that invites white hat hackers to stress test the blockchain.
Co-Founder and COO of Sky Mavis and Axie announced: “Calling all whitehats in the blockchain space. The Sky Mavis Bug Bounty program is here. Help us keep the Ronin Network secure while earning a bounty up to ,000,000 in bounty for fatal bugs.”
And then, when operators reopened the new and improved Ronin bridge, our sister site Bitcoinist reviewed its characteristics:
“In addition to the two independent audits on its smart contracts, the Ronin Bridge’s new design has implemented a new “circuit-breaker” feature. This was directly added to prevent a bad actor from replicating the previous attack or exploiting any potential new attack vector.”
So, the Ronin bridge seems to be safe to use at the moment. It also seemed to be safe to use before the hack, though.
Featured Image by Niek Verlaan from Pixabay | Charts by TradingView
NewsBTC
Blockchain Data Indicates $10M Worth Of Ether From The Ronin Exploit In Rotation
More than 5,505 Ether of the Ronin Bridge exploitation seems to be transferred through Tornado Cash, a unique privacy crypto exchange.
Blockchain data showed that the address associated with the 5 million Ronin Bridge Attack had begun transferring ether tokens valued at over million. This occurred during the Asian morning hours.
The data showed that the Ronin hacker had transferred over 5,505 ether to one unknown account this morning. Additionally, the funds were sent from another Ethereum wallet funded by the prominent hacker’s blockchain address. All these took place within the early hours of Wednesday, as the funds were sent in groups of 100 ether each to the Tornado privacy crypto exchange.
The Ronin Bridge Ether Exploit
Ronin Bridge is an Ethereum-based sidechain for the play-to-earn game Axie Infinity, an NFT game. It was created by Sky Mavis and is running both Ronin Bridge and Axie Infinity.
Related Reading | Bitcoin Market Plunges Into Extreme Fear, How Scary Does It Get?
On March 23, cybercriminals exploited The Ronin Bridge Network, and the hackers looted over 5 million worth of assets. The assets comprise 25.5 million USDC and over 173,600 ether. A report on their blog revealed this data. The platform realized the attack when one of its users couldn’t withdraw 5,000 Ether from the Ronin Network.
Ethereum falls below 2k | Source: TradingView
Then, they took to Twitter to notify the public of the security breach on the platform. After the hack, the Ronin Bridge temporarily shut down to redevelop the platform. Moreover, even though attackers targeted the hack at Ronin and Axie Infinity, the incident didn’t affect the ‘axie’ tokens. Therefore, the AXS and SLP tokens used to facilitate transactions within the Axie Infinity game are still safe and unaffected.
Blockchain Data Reveals Ongoing Ether Fund Transfer
Within the early hours of Wednesday, Etherscan, a blockchain tracking platform, revealed that the attackers made about 55 transactions from an address funded by the principal looter. Currently, the wallet holds 3.45 ether, summing to ,885.84.
(Image Source: EtherScan)
This step followed the massive selling of looted ether in April when the looters transferred over 21,000 ether via various transfers to the Tornado exchange. The transaction was worth over million then.
Tornado Privacy Crypto Exchange
Tornado crypto exchange is an advanced crypto exchange that tweaks and breaks through the on-chain for a destination and source address. Thus, enabling hackers to hide their addresses while illegally withdrawing looted funds.
The United States Trace the Looting to North Korean Hackers
The United States official had previously traced the looter’s address to the “Lazarus” group, an infamous group of hackers sponsored by the North Korean supreme leader Kim Kuk-song. Also, Chainalysis, the blockchain tracking platform, traced and confirmed the transaction between the North Korean Cybercriminal group.
Related Reading | New Data Shows China Still Controls 21% Of The Global Bitcoin Mining Hashrate
In a thread on Twitter, the platform even provided proof of the Lazarus group being behind the March exploitation.
Sky Mavis Accrues 0 Million In A Funding Round to Regain Ronin Bridge
Sky Mavis, the Ronin Bridge, and the Axie Infinity platform raised over 0 million following the massive attack and exploitation. This effort was to regain the Ronin Bridge platform after the previous hit.
Among the list of supporters was the world’s biggest cryptocurrency exchange Binance, alongside other crypto entities.
Featured image from Pexels, charts from EtherScan and TradingView.com
NewsBTC
The Ronin Hack Aftermatch: Axie Infinity’s $1M Bug Bounty
The popular blockchain game Axie Infinity has been left shaking after the 0 million Ronin bridge hack. The studio behind the game, Sky Mavis, has been taking multiple measures to try to secure the network and win back the confidence of users. The latest move announced is a million bug bounty program that invites white hat hackers to stress test the blockchain.
Co-Founder and COO of Sky Mavis and Axie announced: “Calling all whitehats in the blockchain space. The Sky Mavis Bug Bounty program is here. Help us keep the Ronin Network secure while earning a bounty up to ,000,000 in bounty for fatal bugs.”
The Ronin Hack
On March 23rd, a hacker was able to scoop 0 million from the Ronin bridge. It is the largest hack in the history of decentralized finances so far. The Ronin Network team confirmed that Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were compromised as the attacker used “hacked private keys in order to forge fake withdrawals.”
The attack was uncovered after the attacker was unable to withdraw 5k ETH from the bridge. But it was too late, as they had already drained 173,600 Ethereum and 25.5M USDC from the Ronin bridge in two transactions.
The Ronin team stated that they are working with law enforcement officials, forensic cryptographers, and investors “to make sure all funds are recovered or reimbursed,” and added that “All of the AXS, RON, and SLP on Ronin are safe right now.”
“While racing for mainstream adoption, we made some trade-offs that ended up leaving us vulnerable to this sort of attack. It’s a lesson that we’ve learned the hard way. A lesson that will guide how we build Ronin out moving forward. We’re confident that we will come out stronger and wiser from this.”
As a response, the Sky Mavis team raised 0 million led by crypto exchange Binance with participation from Animoca Brands, a16z, Dialectic, Paradigm, with the goal to reimburse all the funds stolen during the hack to the affected users.
Since then, the team has been working with Chainalysis and Crowdstrike “to monitor the stolen funds” and “to handle forensics and the setup of surveillance tools.”
Bridges can be a vulnerable point for blockchain projects, and this hack set a big warning about it. Bridges connect blockchains with the purpose of enabling transactions between tokens built on different ecosystems. However, bridges have a complex code and don’t have enough security standards yet, and hackers are gazing upon them to spot any vulnerability.
Related Reading | Hacker Scoops Up Million Bounty After Spotting Fatal Flaw In Ethereum Rollup
M Bounty
Bridges can be so complex that it is not 100% clear if code auditing is enough to ensure the Ronin bridge’s safety. The Ronin team had stated that they are in the process of “implementing rigorous internal security measures to prevent future attacks.”
“The Ronin Network bridge will open once it has undergone a security upgrade and several audits, which can take several weeks.”
Now, they are calling in all white-hat hackers of the blockchain to search for vulnerabilities in exchange for a handsome reward. The team has given a list of products that should be stress-tested while prioritizing smart contracts and blockchain, websites, and apps. They noted that the only vulnerabilities that are considered eligible for monetary rewards are those with a working proof of concept that shows how they can be exploited.
Rewards for Smart Contracts and Blockchain vary from ,000 to ,000,000, and for Web and Apps, they vary from to ,000. All rewards will be paid in AXS tokens and only a specified portion of the received funds can be liquidated per month.
“It is possible that extraordinarily severe issues or those with extreme impact may be rewarded up to ,000,000″ the announcement stated and added that “Sky Mavis may award an additional reward bonus for exceptional reports.·
Axie Infinity (AXS) Price
For the past weeks, Axie Infinity’s token AXS has been tumbling, falling around 30% after the hack. However, traders are watching out for a breakout above the key resistance level of as the current zone has previously served for accumulation, which could mean a rebound for AXS. However, there also seems to be a risk to trigger a head-and-shoulders pattern, which could sink AXS further down. The token is down 0.09% in the last 24 hours.
Related Reading | Axie Infinity Smooth Love Potion (SLP) Explodes With 300% Gain This February
AXS at 47 USDT in the daily chart | AXSUSDT on TradingView.com
NewsBTC