Ronin Team Working on Security Upgrades After $600M Hack

Quick take:

• After one of the largest crypto hacks in history, Ronin Bridge, begins upgrading its security system.
• They are also offering a $1million bounty to hackers who find any vulnerabilities.

Following the $600 million attacks late last month, the Ronin Network and Sky Mavis have promised to improve their smart contracts, pay large bug rewards, and tighten up security.

As previously reported, an exploit for 173,600 Ether (ETH) and 25.5 million USD Coin (USDC), valued at more than $612 million at the time, was discovered on the Ethereum sidechain designed for the popular NFT game Axie Infinity.

Lazarus, a North Korean-based and state-sponsored hacking gang, was noted as the team behind the hack by the Federal Bureau of Investigation (FBI). A warning was sent out to other crypto and blockchain companies earlier this month.

Ronin disclosed the adjustments to its platform in a post-mortem report published, stating that all customer assets are being refunded.

History of the largest hack

A spear-phishing assault on a former Sky Mavis employee, Axie Infinity's creators, resulted in the compromise. The bad actor was able to access four of Sky Mavis' nine validator nodes in the Axie/Ronin ecosystem using the employee's credentials.

Both Sky Mavis and the Ronin Network are undergoing significant adjustments as a result of the attack.

Around mid-to-late May is when Ronin Network intends to reopen its bridge. Binance will be assisting with withdrawal and deposit infrastructure for Axie users until then.

The team is around 80% done with the Ronin bridge smart contracts upgrade; they'll be redesigning the backend, transferring all outstanding withdrawals, and providing a validator dashboard that "allows for approving huge transactions and adding/removing new transactions."

Sky Mavis will beef up its security measures by enlisting the support of "top tier security specialists," undertaking contract audits, and putting in place stronger internal processes, including training classes to "fight external attacks."

It will also significantly increase its node count to assist in decentralizing the project and preventing this kind of attack in the future. The initiative hopes to have more than 100 nodes in the future.

Sky Mavis is also planning to provide up to $1 million in bug bounties to any white hat hackers who can discover and inform about new vulnerabilities.