Ronin Network Recovers $12 Million Stolen in White-Hat Hack
The developers of the Ronin Network blockchain have reported an incident in which white-hat hackers exploited a vulnerability in the Ronin bridge to steal 4,000 ETH and 2 million USDC, totaling $12 million. The stolen funds were later returned.
These amounts are the maximum ETH and USDC that can be withdrawn through the bridge in a single transaction. Thanks to the researchers’ discovery, a much larger potential theft was prevented.
The white-hat specialists notified Ronin Network about the vulnerability while demonstrating their attack. After the issue was confirmed, the bridge was suspended for 40 minutes.
Details and Cause of the Incident
More details about the incident will be published next week, but Ronin’s developers have already stated that the bug may have been introduced by a recent bridge update. After the update, the bridge began to incorrectly interpret the number of operator votes required to authorize withdrawals, allowing unauthorized parties to carry out attacks.
The Ronin Network team is already working to fix the problem and has announced that the patch will undergo a thorough audit before being approved and put into operation, to prevent similar incidents in the future.
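The failure class described above, a bridge misreading how many operator votes a withdrawal needs, can be modeled in a few lines. This is an added example, not Ronin's code: the operator names, weights, 70% threshold, cap value and the unset-total-weight failure mode are assumptions chosen for illustration, since the report does not say how the vote count was misread.

```python
import math
from dataclasses import dataclass
from fractions import Fraction


class ConfigError(Exception):
    """Raised when the vote threshold cannot be trusted."""


@dataclass(frozen=True)
class BridgeConfig:
    operator_weights: dict  # operator id -> voting weight (constructed values)
    threshold: Fraction     # share of total weight a withdrawal needs
    per_tx_cap: int         # largest amount allowed in one withdrawal


def naive_required_weight(total_weight: int, num: int, den: int) -> int:
    # Hypothetical flawed check: if an upgrade leaves total_weight unset (0),
    # the requirement becomes 0 and "votes >= required" holds with no votes.
    return total_weight * num // den


def required_weight(cfg: BridgeConfig) -> int:
    # Hardened version: refuse to compute a threshold from a bad config.
    total = sum(cfg.operator_weights.values())
    if total <= 0 or any(w < 0 for w in cfg.operator_weights.values()):
        raise ConfigError("operator weights missing or invalid")
    if not 0 < cfg.threshold <= 1:
        raise ConfigError("threshold must be in (0, 1]")
    return max(1, math.ceil(cfg.threshold * total))  # round up, never 0


def authorize_withdrawal(cfg: BridgeConfig, amount: int, votes: list) -> bool:
    if not 0 < amount <= cfg.per_tx_cap:
        return False  # per-transaction cap bounds the loss if voting fails
    need = required_weight(cfg)
    # Count each known operator once; ignore duplicates and unknown signers.
    got = sum(cfg.operator_weights.get(op, 0) for op in set(votes))
    return got >= need


# Constructed sample configuration: five equal operators, 70% threshold.
SAMPLE = BridgeConfig({f"op{i}": 100 for i in range(1, 6)}, Fraction(7, 10), 4000)
```

A post-upgrade check that calls `required_weight` and fails on `ConfigError` catches a zeroed threshold before the bridge accepts withdrawals.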
Reward for the Researchers
The specialists who discovered the issue will receive a $500,000 reward for conducting this “forced audit.” However, it is unclear whether the researchers exploited the bug before or after notifying Ronin about the problem. Some experts believe the hackers may have simply demanded a reward in exchange for returning the funds.
User Funds Remain Safe
It’s worth noting that before the funds were returned, Ronin’s developers had already stated that even if the hackers did not respond and kept the stolen funds, all user assets would be fully restored and any losses would be completely compensated.