The Ronin Network team has published a postmortem report on the exploit that happened on March 23rd
The report explains that a Sky Mavis employees are under constant advanced spear-phishing attacks on various social networks
One employee was compromised, leading to access to 4 of Sky Mavis’ validator nodes
Moving forward, Sky Mavis plans to work with top tier security networks, increasing validator nodes to 21 and eventually 100, implement stricter internal procedures, conduct regular audits, create a zero-trust organization, launch a $1M bug bounty program and attain security certifications
The Ronin Network team has shared a postmortem report in which they provide an in-depth analysis of the March 23rd exploit by the North Korean Lazarus group that resulted in the loss of $615 million in Ethereum and USDC.
We have put together a postmortem regarding the Ronin exploit that occurred on March 23rd.
• Why it happened • What we're doing to make sure this never happens again • Ronin bridge re-opening updatehttps://t.co/FfwCtCG84E
Sky Mavis Employees are Under Constant Phishing Attacks
In the postmortem report, the Ronin Network team explained that Sky Mavis employees are under constant advanced spear-phishing attacks through various social channels. Consequently, one employee was compromised, and the attackers managed to access Sky Mavis IT infrastructure to control its 4 of the 9 validator nodes a the time. The employee no longer works for Sky Mavis.
Security Measures by the Ronin Network Moving Forward
Concerning a security roadmap to prevent the next DeFi hack, the Ronin Network announced the following measures to be implemented over time.
Continually working with top tear security experts to avoid lingering threats: Sky Mavis has engaged CrowdStrike and Polaris Infosec to handle internal surveillance and forensics
Increasing the number of Validator nodes: Sky Mavis has increased the number of validator nodes to 11 from the initial 9. They also plan to onboard 3 more with a target of 21 in three months. The Ronin Network team has a long-term goal of over 100 validator nodes
Implement stricter internal procedures: the Ronin Network team is inspecting their internal procedures in terms of security training for all employees
Conduct audits: All code will be thoroughly reviewed and optimized with security experts looking at the entire architecture
Creating a Zero-trust Organization: the goal of the Ronin Network team is to ‘become a fully antifragile, zero-trust organization. Zero-trust is a framework that assumes that Sky Mavis is always at risk to external and internal threats.’
Launching a bug bounty program: Sky Mavis is offering bounties of up to $1 million for security vulnerabilities
ISO27001 and other security certifications: with time Sky Mavis will undergo various certification processes