Beosin is tracing the whereabouts of the funds in the Ronin attack, reminding similar cross-chain bridge projects to take precautions

According to Beosin Alert, Blockchain Security Situational Awareness Platform, the Axie Infinity sidechain Ronin was attacked. 173,600 ETH and 25.5 million USDC were stolen, with a total value of approximately 615 million US dollars. Beosin is investigating the cause of the breach and tracking the flow of funds.

According to the tracking results of the Beosin-Trace safety tracking platform:

Hacker address: 0x098b716b8aaf21512996dc57eb0615e2383e2f96

Funds stolen from addresses:

0x665660f65e94454a64b96693a67a41d4401556170xe708f17240732bbfa1baa8513f66b665fbc7ce10

Up to now, after the stolen amount has flowed through 15 transit addresses, it has flowed into the exchange addresses:

HUOBI: 0x73f8fc2e74302eb2efda125a326655acfodc2d1b, total 2500ETH

HUOBI: 0x28ffe35688ffffd0659aee2e34778b0ae4e193ad, 1250ETH

FTX: 0xc098b2a3aa256d2140208c3de6543aaef5cd3a94, 1229.96ETH

Crypto.com: 0x6262998ced04146fa42253a5c0af90ca02dfd2a3, 0.99ETH

Transit address: 0x28ffe35688ffffd0659aee2e34778b0ae4e193ad, 1249.97ETH

Hacker address balance: 175,913.70 ETH

Beosin-Trace security tracking platform will keep tracking the flow of stolen funds in real time, please stay tuned!

 

As a full-service provider of blockchain ecosystem security, Beosin gives the following suggestions for cross-chain bridge projects:

1. Pay attention to the security of validators;

2. If the signature service goes offline, then update the security policy, close corresponding service modules, and consider the risk of signature account addresses being compromised.

3. For multi-signature verification, the multi-signature services must be logically isolated, and the signature content must be verified independently. It must be made impossible for a subset of validators to directly request signature from other validators.

4. The project party should monitor all transactions in real time and have real time automatic alerts on abnormal transactions.

Twitter: https://twitter.com/Beosin_com

Telegram: https://t.me/beosin

Medium:https://medium.com/@Beosin

Github: https://github.com/Beosin20180329

Discord: https://discord.com/invite/B4QJxhStV4

Media Contact
Company Name: Beosin
Contact Person: Donny
Email: Send Email
Country: China
Website: www.beosin.com