Axie Infinity co-founder loses $9.7 million in 3,248-ETH wallet hack
Two crypto wallet addresses belonging to Jeff “Jehoz” Zirlin, one of the five founders of Accie Infinity and the Ronin Network, were hacked and an estimated $9.7 million worth of Ether (ETH) was stolen and loaded with Tornado Cash.
In the year On February 23, blockchain investigator PeckShield warned of a “whale wallet” deal on Ronin Bridge, reporting that the hacker spent 3,248 ETH. Ronin Network founder Alexander Larsen immediately responded by saying, “The[Ronin]bridge itself is highly secure” and instead suspected a wallet hack.
#PeckShieldAlert Looks like Whale's wallet has been hacked, and ~$3,248ETH (worth ~$9.7M) has been transferred from #Ronin Bridge to #Tornado Cash pic.twitter.com/sRK36BQFdu
— PeckShieldAlert (@PeckShieldAlert) February 23, 2024
Larson also highlighted that Ronin's bridge has been audited and designed to pause if an unusually large overhang is detected. Soon after, Zirlin discovered that his two personal wallets had been hacked. He said the attack was not due to vulnerabilities in the Ronin chain or Sky Mavis operations.
“I want to assure everyone that we have strict security measures in place for chain-related activities.”
Speaking to Cointelegraph, PeckShield said the main reason for the hack was a “wallet compromise” that allowed unauthorized transactions.
This has been a rough morning for me.
Two of my addresses are corrupted.
The attack was limited to my personal accounts, and had nothing to do with Ronin chain authentication or operation.
Also, the released keys have nothing to do with Sky Mavis's work.…
— Jihoz.ron (@Jihoz_Axie) February 23, 2024
While he did not share specific details about the events that led to the hack, Zirlin's message indicated that the private keys of the two wallets were leaked, allowing unauthorized access to his private crypto wallets.
PeckShield's investigation of compromised wallets from Ronin Bridge v2 revealed that the 3,248-ETH exploit was initially distributed and moved to three separate wallets. The funds eventually went into Tornado Cash, a service often used by hackers to hide the fund's ownership and tracking identity.
Related: Coordinated Crypto Hacking and Phishing Campaign Floods Investor Emails: Alert
In the year On February 1, Binance blocked $4.2 million in stolen XRP (XRP) as part of a $112-million hack on Ripple co-founder Chris Larson's personal wallet since January 31.
We are happy to say that the #Binance team has blocked $4.2 million worth of $XRP stolen by the exploiter after learning about the exploit on @Ripple early on.
Appreciate your efforts to suggest exchanges for both communities – as always @zachxbt …
— Richard Teng (@_RichardTeng) February 1, 2024
Unlike Axie Infinity's Jihoz hacker, Larson's hacker did not use crypto mixer services or decentralized exchanges to hide their identity. Because of this, Binance was able to track some funds and block access from the hacker.
Magazine: Rich, Independent and Amazing Beaches: Perth's Crypto City Guide