News

Ronin Bridge Exploit Now Fixed With $12 Million Refund From White Hat Hackers

Key Points:

Ronin Network has recovered $12 million in stolen assets and will give $500,000 to ethical hackers.
The bridge will be audited due to a flaw exploited in the recent breach.
This Ronin bridge exploit follows a major $622 million hack by Lazarus in March 2022.

Recovery of about $10 million in Ethereum and $2 million in USDC was made in the recent security breach by the Ronin Network.

Ronin Network Recovers $12 million, Awards $500,000 to Ethical Hackers

Due to the help of ethical hackers, who both identified and reported this vulnerability, this recovery was made possible. What might be a surprise is that the hacker returned the robbed USDC just seven hours after the Ronin bridge exploit. All the purloined ETH was fully regained before the reporting.

In return, a white hat hacker is to be rewarded $500,000 by the Ronin Network. Further security will be ensured with the audit of the Ronin bridge, which serves as the channel for asset transfer between Ethereum and the Ronin sidechain, planned by the network before its reopening.

Experts claimed that this vulnerability was due to a faulty update of the Ronin Bridge. The developers described the issue as a potential MEV exploit related to the vote threshold for authorizing withdrawals, which was miscalculated in the update. At times, MEV bots, automating arbitrage strategies, inadvertently exploit vulnerabilities such as this one.

Latest Ronin Bridge Exploit Follows $622 Million Attack by Lazarus Group

What’s interesting about the attack is that it came at the hands of white hat hackers—good guys looking to discover and patch security vulnerabilities, not exploit them. This incident follows a pattern where hackers, whether malicious or ethical, sometimes return funds they’ve stolen once their activities attract attention.

In the Ronin bridge exploit, approximately 4,000 ETH and $2 million in USDC were lost, amounting to $12 million of value. This was somewhat contained by security that restricted how much could be withdrawn. This marks the second consecutive exploit of the Ronin bridge, following a massive attack back in March 2022 that saw North Korea’s Lazarus group steal $622 million from the Ronin Network.

DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Harold

With a passion for untangling the complexities of the financial world, I've spent over four years in financial journalism, covering everything from traditional equities to the cutting edge of venture capital. "The financial markets are a fascinating puzzle," I often say, "and I love helping people make sense of them." That's what drives me to bring clear and insightful financial journalism to the readers of Coincu.