Ronin Bridge Hackers Score $500,000 Bounty for Returning Stolen ETH

08/07/2024 16:38
Ronin Bridge Hackers Score $500,000 Bounty for Returning Stolen ETH

Ronin Bridge exploiters return $10M ETH, and whitehats receive a $500K bounty. The network plans an audit and structural changes.

The Ronin Bridge exploiters returned the stolen Ethereum (ETH), worth approximately 10 million. The whitehat hackers will receive their bounty as part of the network’s Bug Bounty Program. 

Hacking incidents remain common in the crypto industry, as bad actors exploit system vulnerabilities.

Ronin Bridge Hackers Return Stolen ETH

The Ronin network shared the update, indicating the return of approximately $10 million stolen on Tuesday. While some $2 Million Worth of USDC stablecoin still needs to be returned, the network rewards the show of good faith with up to $500,000 in bounty to the whitehat hackers.

The whitehats received this reward for using their cybersecurity skills and knowledge to identify the vulnerability. This prompted the network to conduct an audit before reopening the bridge for public use. Additionally, operations will shift from the current structure as Ronin validators work to implement a new solution.

“The ETH (~$10 M) has been returned and we expect that the USDC will be returned later today. The Bug Bounty Program will reward the white hats with a 500 K bounty. The bridge will undergo an audit before it is reopened. We will provide updates as we make progress on this audit. We aim to shift the operation of the bridge away from the current structure. We will be working with the Ronin validators to onboard a new solution and will provide updates on this as the work progresses,” the update read.

Read more: Crypto Project Security: A Guide to Early Threat Detection

The Ronin Bridge is an Ethereum sidechain for the popular play-to-earn game Axie Infinity. It transfers assets between the Ronin chain and the Ethereum network. The bridge currently secures over $850 million, which remains safe despite the Tuesday incident.

Tuesday Attack Explained

According to the report, exploiters could only siphon $12 million because of safeguard measures in place. Specifically, there is a bridge limit, which prevents large fund withdrawals. This system prevented further withdrawals during the exploit.

The gaming-focused blockchain pinpointed what led to the attack, citing a new update and articulating that remedies are already underway.

“Today’s bridge upgrade, after being deployed through the governance process, introduced an issue leading the bridge to misinterpret the required bridge operators’ vote threshold to withdraw funds,” the bridge explained.

A post-mortem will be shared next week, with strategies to prevent similar occurrences. One of the project’s key personnel, Bailey.ron on X, said the Ronin Bridge’s principles are one of the things that make it a target for attacks.

“Ronin is one of the few crypto projects working on and achieving real consumer adoption. Coupled with its history, this attracts unwanted attention and constant phishing attempts. Nevertheless, Ronin remains committed to rectifying mistakes and protecting its community and users. I am glad to be contributing here and still have confidence in the team to deliver impact on not just gaming but the overall crypto industry,” Bailey.ron said.

Indeed, the network has made headlines with previous exploits. In 2022, the Ronin Network lost $615 million to an exploit after the perpetrator capitalized on private keys to forge fake withdrawals. This marked one of the largest attacks in decentralized finance (DeFi) at the time.

Read More: Axie Infinity (AXS) Explained for Beginners

This development mirrors key security concerns that continue to plague the DeFi space. Meanwhile, the Ronin (RON) token has been down 2% in the last 24 hours, while the Axie Infinity (AXS) token has been down 1% since Wednesday’s session opened.

Trusted

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Read more --->