Peckshield revealed a major security breach impacting the Ronin Network in a Tuesday X post, leading to the loss of 3,996 Ether tokens, valued at approximately $9.8 million.
White Hat Hacker Speculation Surrounds Ronin Security Breach
The breach was initially discovered by blockchain security firm Peckshield, that speculated in an August 6 X post that the exploit could be the work of a white hat hacker.
A key distinction exists between white hat hackers and malicious actors: white hat hackers typically return stolen assets after demonstrating the existence of security flaws.
However, in this case, the funds are yet to be returned, leaving the true intentions of the hacker unclear.
This uncertainty extends to the nature of the breach, which many suggest may have been caused by a maximal extractable value (MEV) bot.
Axie/Ronin is a cursed project I swear
-Ronin bridge $600M hack March 2022
-Axie/Ronin co-founder $9.7M hack February 2024
-Now this bridge incident— ZachXBT (@zachxbt) August 6, 2024
MEV bots are automated tools used by blockchain validators to identify and exploit arbitrage opportunities in decentralized finance (DeFi) protocols.
While these bots are generally used for profit, they can sometimes accidentally exploit vulnerabilities within a protocol.
Further investigation revealed that the MEV bot “0x4ab” executed the $9.8 million transfer via the Ronin bridge.
A small portion of the stolen funds, amounting to 3.9 Ether, was later sent to another wallet associated with the address “0x952” or “beaverbuild.”
This action hints at a possible ethical motive behind the hack, as similar scenarios have seen the return of assets by the responsible party.
Similar Security Breaches and White Hat Actions
Shortly before the Ronin security breach, a similar incident unfolded at Rho Markets in July, where an MEV bot exploited the protocol for $7.6 million.
Notably, all stolen funds were recovered within a week, highlighting a precedent for the potential return of assets in these situations.
The Ronin security breach is part of a broader trend in the cryptocurrency space, where even malicious hackers occasionally return stolen funds.
👨🏻💻 A victim who fell prey to a sophisticated 'address poisoning' attack has successfully recovered almost all of the stolen funds.#Hack #Scamhttps://t.co/GJEcS0BfvN
— Cryptonews.com (@ ) May 12, 2024
May saw a similar scenario unfold when an attacker involved in a wallet poisoning scam returned $71 million worth of wrapped Bitcoin (WBTC) after intense public and investigative scrutiny.
The return was reportedly influenced by a report from the on-chain security firm SlowMist, which identified the potential IP addresses of the attacker.
This latest incident adds to a concerning trend: approximately $266 million was lost to crypto hacks in July alone, including a stunning loss of over $230 million by the Indian exchange WazirX.