BackCybersecurity
Ronin Bridge Hack: Criminals Stole $625 Million Using Validator Compromise
Attackers compromised validator nodes on the Ronin Network bridge for Axie Infinity, draining 173,600 ETH and 25.5M USDC worth about $625 million on March 23, 2022. The breach used social engineering tactics like fake job offers and was linked to the Lazarus Group.
Why It Matters
Largest DeFi hack at the time exposed risks in centralized validators for cross-chain bridges, leading to enhanced security standards and full user compensation in crypto gaming ecosystems.
Timeline
7 Events
User Compensation Funded
2022
Sky Mavis raised $150 million led by Binance to fully reimburse affected users, with collaboration from Chainalysis to trace funds.[1][2]
Ronin Bridge Relaunched
June 2022
Sky Mavis reopened the upgraded Ronin Bridge after increasing validators to 21 and conducting security audits.[1][6][7]
Social Engineering Method Revealed
July 2022
Reports emerged that hackers used a fake LinkedIn job offer to trick a Sky Mavis engineer into downloading malware, enabling validator access; linked to Lazarus Group.[6][7]
Sky Mavis Public Disclosure
March 29, 2022
Axie Infinity announced the Ronin Network attack and loss of over $625 million, pausing the bridge and DEX.[2][5]
Breach Discovered
March 29, 2022
Sky Mavis detected the hack after a user reported inability to withdraw funds, revealing the $625 million theft.[1][2][3][4][5]
Hack Executed
March 23, 2022
Attackers compromised private keys of four Sky Mavis validators and one Axie DAO validator, approving two unauthorized withdrawals of 173,600 ETH and 25.5M USDC from Ronin Bridge.[1][2][3][4][5]
Ronin Network Launched
February 2021
Sky Mavis launched Ronin as an Ethereum sidechain for Axie Infinity to enable fast, low-cost transactions for play-to-earn gaming.[3][8]