SlowMist analyzed the March 2022 Ronin Bridge breach in which an attacker stole 173,600 ETH and 25.5 million USDC, more than $610 million, from the Axie Infinity sidechain. The source says compromised private keys allowed forged withdrawal signatures, with a leftover Axie DAO whitelist and gas-free RPC path enabling control of five validator signatures: four Sky Mavis validators and one Axie DAO validator. MistTrack traced the attacker’s early fund movements, including USDC conversion to ETH, transfers of 1,220 ETH to FTX, 3,750 ETH to Huobi, and a small Binance-origin funding transaction. The article emphasizes the likely Sky Mavis intrusion and unreclaimed whitelist permissions as the root cause, while noting that most ETH initially remained at the hacker address and recovery depended on exchange and law-enforcement cooperation.