Ronin Network to Increase Validator Nodes to 21, Introduce $1M Bug Bounty and Audits to Prevent the Next DeFi Hack

2 years ago

Summary:

  • The Ronin Network team has published a postmortem report on the exploit that happened on March 23rd
  • The report explains that Sky Mavis employees are under constant advanced spear-phishing attacks on various social networks
  • One employee was compromised, leading to access to 4 of Sky Mavis’ validator nodes
  • Moving forward, Sky Mavis plans to work with top tier security networks, expanding validator nodes to 21 and eventually 100, implement stricter internal procedures, conduct regular audits, create a zero-trust organization, launch a $1M bug bounty program and attain security certifications

The Ronin Network team has shared a postmortem report in which they provide an in-depth analysis of the March 23rd exploit by the North Korean Lazarus group that resulted in the loss of $615 million in Ethereum and USDC.

We have put together a postmortem regarding the Ronin exploit that occurred on March 23rd.

• Why it happened
• What we're doing to make sure this never happens again
• Ronin bridge re-opening update https://t.co/FfwCtCG84E

— Ronin (@Ronin_Network) April 27, 2022

Sky Mavis Employees are Under Constant Phishing Attacks

In the postmortem report, the Ronin Network team explained that Sky Mavis employees are under constant advanced spear-phishing attacks through various social channels. Consequently, one employee was compromised, and the attackers managed to access Sky Mavis IT infrastructure to control 4 of the 9 validator nodes at the time. The employee no longer works for Sky Mavis.

Security Measures by the Ronin Network Moving Forward

Concerning a security roadmap to prevent the next DeFi hack, the Ronin Network announced the following measures to be implemented over time.

  • Continually working with top tier security experts to avoid lingering threats: Sky Mavis has engaged CrowdStrike and Polaris Infosec to handle internal surveillance and forensics
  • Increasing the number of Validator nodes: Sky Mavis has increased the number of validator nodes to 11 from the original 9. They also plan to onboard 3 more with a target of 21 in 3 months. The Ronin Network team has a long-term goal of over 100 validator nodes
  • Implement stricter internal procedures: the Ronin Network team is inspecting their internal procedures in terms of security training for all employees
  • Conduct audits: All code will be thoroughly reviewed and optimized with security experts looking at the entire architecture
  • Creating a Zero-trust Organization: the goal of the Ronin Network team is to ‘become a fully antifragile, zero-trust organization. Zero-trust is a framework that assumes that Sky Mavis is always at risk to external and internal threats.’
  • Launching a bug bounty program: Sky Mavis is offering bounties of up to $1 million for security vulnerabilities
  • ISO27001 and other security certifications: with time Sky Mavis will undergo various certification processes