Since the birth of Bitcoin in 2008, the security of digital assets has been a hot topic of discussion. The development of blockchain technology for more than 10 years has been accompanied by continuous hacking incidents.
With the continuous growth of the scale of digital assets, the problem of hidden security risks of crypto assets is becoming more and more serious. According to statistics from security companies, by the end of 2021, the theft of digital assets has reached more than 2.5 billion US dollars.
Ronin cross-chain hacked
According to Coinbetter, the NFT game Axie Infinity sidechain Ronin Network said it discovered earlier today that Sky Mavis’ Ronin validator node and Axie DAO validator node were hacked on March 23rd, resulting in bridging in two transactions 173,600 ETH and 25.5 million USDC, currently worth around $625 million, make it the largest crypto hack to date. Currently Ronin has suspended Ronin Bridge and Katana DEX.
Reasons for Ronin Network theft
Sky Mavis’ Ronin chain currently consists of nine validator nodes, and identifying a deposit event or withdrawal event requires five of the nine validator signatures, Ronin said. The attackers managed to gain control of four of Sky Mavis’ Ronin validators and a third-party validator run by Axie DAO.
All AXS, RON and SLP on Ronin are currently safe, Ronin said. Ronin officials are in contact with the security teams of major exchanges and are working directly with various government agencies to ensure criminals are brought to justice.
It is understood that at present, the hacker’s profit-making address (0x098B716B8Aaf21512996dC57EB0615e2383E2f96) has converted 25.5 million USDC into ETH, and then transferred 6,250 ETH in a decentralized manner, of which 1,221 ETH was transferred to the exchange platform (FTX and Crypto.com), and the remaining balance of funds remained at Hacker address. The hacker launched the attack and the source of funds was Binance withdrawal.
Coinbetter Security Team: Paid close attention to the theft of Ronin and actively keep in touch with Ronin officials
In response to the theft of the Ronin bridge, Coinbetter security team made four suggestions for cross-chain projects:
1. Pay attention to the security of the signature server;
2. When the signature service goes offline, update the security policy and close the corresponding service module;
3. Multi-signature verification, the multi-signature service must be logically isolated, and the signature content must be independently verified;
4. Real-time monitoring of all transactions, and real-time automatic alarms for abnormal transactions.
Coinbetter believes that the blockchain security vulnerabilities discovered so far are mainly concentrated in smart contracts, and at the same time, the security issues of the blockchain platform have also attracted much attention. The biggest threat to the blockchain application system is the traditional security vulnerabilities in the application system, such as source code vulnerabilities, business logic vulnerabilities, website security vulnerabilities, App security vulnerabilities, etc.
At present, the application of blockchain technology is relatively limited, and the main applications are still concentrated in the financial field. In response to the severe security situation of blockchain, Coinbetter has laid out a complete security protection ecosystem, using distributed server clusters, distributed storage, A variety of advanced technologies such as a high-speed memory transaction engine with multiple machines, cold wallets, and hot wallets with offline private keys fundamentally ensure the security of users’ assets.
All funds use deep cold storage to completely eliminate all possible dangers and provide bank-level security risk control for every user. At the same time, Coinbetter cooperates with well-known security agencies to escort the security of the blockchain system.
If you have any thoughts and questions about the Ronin cross-chain theft, please feel free to contact us. Coinbetter Market Brand Cooperation Email: firstname.lastname@example.org, looking forward to communicating with you.