From: thepipeline_xyz

Ronin is a blockchain company known for its popular game, Axie Infinity [00:00:00]. Sky Mavis served as Ronin’s parent company [00:00:04].

The Ronin Bridge Hack

The Ronin blockchain experienced what might be the largest hack in history, resulting in approximately half a billion dollars in damages [00:00:53].

Initial Compromise

The incident originated when a DevOps engineer from Sky Mavis was phished with a job offer [00:00:10]. It is believed that the engineer clicked on an executable file sent as part of this phishing attempt [00:00:13].

Vulnerability and Multi-Signature Keys

A critical point of failure was that this one individual's compromised device had access to four keys for a multi-signature wallet [00:00:20]. A multi-signature (multisig) wallet is designed like a door that requires multiple keys to unlock [00:00:31]. In this specific case, the multisig required five of nine possible keys to unlock it [00:00:37].

Key Acquisition and Exploit

Through social engineering tactics targeting the engineer, the attackers initially acquired four of the necessary keys [00:00:41]. They then performed “lateral movement” — moving from the compromised device to another — to obtain an additional key [00:00:44]. This allowed them to accumulate all five required keys [00:00:50], granting them full access to exploit the system. The entire compromise, leading to significant financial loss, originated from what appeared to be an office email [00:00:58].
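The key concentration described above can be checked as a custody audit: given which signer keys are reachable from which hosts, find the fewest hosts that together reach the signing threshold. This is an added example, not code from the video or from Sky Mavis; the host names, key ids and both layouts are constructed, and only the 5-of-9 threshold and the four-keys-on-one-device detail come from the page.

```python
from itertools import combinations

def min_hosts_to_threshold(key_access, threshold):
    """Return (count, hosts): the smallest set of hosts whose combined key
    access reaches the signing threshold, or (None, ()) if none can.
    key_access maps a host name to the set of signer key ids reachable from it."""
    hosts = sorted(key_access)
    for size in range(1, len(hosts) + 1):
        for combo in combinations(hosts, size):
            reachable = set().union(*(key_access[h] for h in combo))
            if len(reachable) >= threshold:
                return size, combo
    return None, ()

def concentration_findings(key_access, threshold):
    """List hosts that reach more than one signer key, with the shortfall."""
    findings = []
    for host, keys in sorted(key_access.items()):
        if len(keys) >= threshold:
            findings.append((host, len(keys), "meets threshold alone"))
        elif len(keys) > 1:
            short = threshold - len(keys)
            findings.append((host, len(keys), f"{short} key(s) short of threshold"))
    return findings

THRESHOLD = 5  # 5-of-9, as stated on the page

# Constructed layout: one device reaches four keys, the rest hold one each.
CONCENTRATED = {
    "engineer-laptop": {"k1", "k2", "k3", "k4"},
    "host-b": {"k5"}, "host-c": {"k6"}, "host-d": {"k7"},
    "host-e": {"k8"}, "host-f": {"k9"},
}
# Constructed layout for comparison: every key on its own isolated host.
SEPARATED = {f"custodian-{i}": {f"k{i}"} for i in range(1, 10)}

if __name__ == "__main__":
    for name, layout in (("concentrated", CONCENTRATED), ("separated", SEPARATED)):
        count, hosts = min_hosts_to_threshold(layout, THRESHOLD)
        print(f"{name}: {count} host(s) reach {THRESHOLD} keys: {', '.join(hosts)}")
        for host, n, note in concentration_findings(layout, THRESHOLD):
            print(f"  finding: {host} reaches {n} keys, {note}")
```

The nominal threshold is five in both layouts, but the effective one is the host count the audit reports: two in the concentrated layout, five in the separated one.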