Ronin Hacker Returns $10M in ETH After Mistaken Front-Run

An MEV bot returned nearly all the 3,996 ETH it drained from the Ronin network bridge, valued at over $10 million, suggesting an accidental front-run of an attack.

The Ronin team received 3,991 ETH and rewarded the bot’s owner with $500,000 for identifying the exploit.

Update:

The ETH (~$10 M) has been returned and we expect that the USDC will be returned later today. We thank the white hats for their vigilance and integrity. The Bug Bounty Program will reward the white hats with a 500 K bounty.

The bridge will undergo an audit before it is…

— Ronin (@Ronin_Network) August 6, 2024

Announced on social media, the team plans to reopen the bridge only after patching the vulnerability and conducting an audit.

MEV bots, designed to copy profitable transactions by paying higher gas fees, sometimes accidentally exploit protocols.

The @Ronin_Network bridge has been paused while we investigate a report from whitehats about a potential MEV exploit.

We will follow up with more information shortly.

The bridge currently secures over $850M which is safe https://t.co/lUjIIgb1DD

— Psycheout.ron (@Psycheout86) August 6, 2024

This incident mirrors a July event where an MEV bot drained and later returned $8 million from the Rho Markets protocol.

Ronin, which was previously exploited for over $600 million in March 2022, is the platform for the Web3 game Axie Infinity, boasting over 2.7 million users.

About The Author