The week has started with Bitcoin printing a yearly high but yesterday the bad news broke via Twitter when the team behind Ronin announced that they have been hacked. The loss is immense with 173.600 Ether and over 25 million USDC the Ronin hack is one of the biggest incidents the crypto industry has ever seen.

How did this happen? What do we know about the hacker? And will the victims get their funds back?

Ronin bridge was drained last week

The Ronin network has 9 validator nodes and within a multi-key setup, it is required that 5 out of 9 nodes sign a transaction to make it happen. It appears that a hacker was able to exploit 4 validator nodes from Sky Mavis and an additional node that is run by the Axie DAO to sign transactions with their private keys through a backdoor.

In effect, the attacker managed to drain 173.600 Ether and 25,5 million USDC which is roughly worth $600 million at the time of writing. Ronin is the Ethereum sidechain that the blockchain game Axie Infinity is based on. The bridge is needed to transfer assets between Ronin and Ethereum, hence between the game and Ethereum as the primary transaction layer for the users.

It was yesterday when the team noticed the hack only because another user was attempting to withdraw 5.000 ETH from Ronin. Since Ether and USDC reserves were depleted, the transaction failed. According to an emergency blog post all AXS, SLP, and RON tokens are safe and unaffected. The Ronin bridge and the Katana DEX are taken down for the time being until the situation is resolved.

Will the victims be reimbursed?

That is the toughest question at the moment because over 170.000 Ether is still sitting very comfy in the attacker’s wallet. It appears that he has sent smaller sums to several international exchanges that already communicated their commitment to investigate and secure whatever funds they can secure.

Law enforcement agencies as well as blockchain analysis company Chainalysis are on the hacker’s trail. The most likely outcome is that it is going to be impossible to launder such a huge sum under the eyes of the public and of investigators. This might lead to an agreement between the hacker and Sky Mavis offering a bounty and impunity in return for the stolen cryptos.