Evaluating only Ronin Bridge (Sky Mavis)’s profile at its peak — without knowing the outcome — the model ranked Competition as the #1 likely cause. Documented cause: Security failure.
Key Events Timeline
FOUNDING
Ronin Bridge (Sky Mavis) founded as Ethereum sidechain for Axie Infinity
FUNDING
Axie DAO delegates validator key to Sky Mavis for bandwidth optimization
FRAUD EXPOSURE
Ronin Bridge hacked: 173,600 ETH and 25.5M USDC stolen ($625M). Sky Mavis engineer compromised via malware-laden fake job offer. Attackers controlled 5 of 9 validator keys due to unrevoked Axie DAO delegation
REGULATORY ACTION
US Treasury attributes Ronin Bridge attack to Lazarus Group, North Korea's state-sponsored hacking unit
SHUTDOWN
Ronin Bridge (Sky Mavis) ceases operations following catastrophic security breach and loss of user confidence
Full Analysis
Free · no account needed
Documented cause
The Ronin Network was the Ethereum sidechain bridge built by Sky Mavis for Axie Infinity. On March 23, 2022 (discovered March 29), attackers compromised 5 of the 9 validator keys controlling the Ronin bridge — 4 held by Sky Mavis and 1 by the Axie DAO — and stole 173,600 ETH plus 25.5 million USDC, worth approximately $625 million. The US Treasury later attributed the attack to Lazarus Group, North Korea's state-sponsored hacking unit. The original attack vector was a fake job offer sent to a Sky Mavis engineer that delivered malware enabling remote access. The Axie DAO key had been temporarily delegated to Sky Mavis nine months earlier for bandwidth reasons and never revoked — creating the 5/9 threshold vulnerability that made the attack possible.
Lesson
“An access delegation that was meant to be temporary but was never revoked created a $625 million vulnerability. The most dangerous security risks are not forgotten passwords — they are forgotten permissions.”