Representatives of Ethereum’s Ronin Network sidechain have assured that they have identified the hackers responsible for the theft of more than $600 million that occurred last month. It also claims that all user funds are “in the process of being recovered.”
In addition, the organization has increased security measures to prevent similar attacks in the future.
The Ronin Network said the cyberattack happened back on March 23 and that the hack itself was discovered by the Sky Mavis team on March 29.
We didn’t have a proper tracking system for large outflows from the bridge, so the hack was not detected immediately,” is how the organization explained the delay.
Attackers gained control of five of the nine private validator keys – four Sky Mavis validators and one Axie DAO – and stole 173,600 ETH and 25.5 million USDC. Crypto-assets were withdrawn in two transactions totaling about $620 million.
The company has promised to engage leading security experts, including CrowdStrike and Polaris Infosec, to prevent similar attacks from happening again. It has also partnered with other firms that will have to ensure that hackers can’t break into the network’s defenses.
The project is also seeking stricter internal procedures and will offer more training courses for its employees so that they are prepared to act effectively if such an incident happens again.
The Ronin network agreed with the FBI’s statement that the attack was carried out by a leading North Korean cybercriminal group, the Lazarus Group. The hackers were described as an “extremely resourceful and sophisticatedly organized” team, having been involved in many similar attacks in recent months.
The Ronin Network bridge was supposed to be operational by the end of April, but the company will push back the launch until mid/late May. Meanwhile, Binance, the world’s largest cryptocurrency exchange, will provide Axie Infinity users with both withdrawals and deposits via wETH and USDC when using the network.