TL;DR
Jeff Zirlin, co-founder of Axie Infinity and Ronin Network, lost approximately $9.7 million due to a significant breach of his crypto wallets. The stolen funds were transferred through Tornado Cash, a platform known for concealing the source of digital assets.
The breach was identified by blockchain security firm PeckShield, which attributed it to a compromised “whale wallet”. The incident was confirmed to be a wallet hack and not a security flaw in the Ronin Bridge.
This incident is part of a larger trend in the crypto industry, with hacks, scams, and exploits decreasing by 27.8% in 2023, but still resulting in substantial financial losses of approximately $2.61 billion.
Jeff Zirlin, one of Axie Infinity and Ronin Network’s co-founders, recently experienced a significant breach of his crypto wallets. The incident led to a loss of around $9.7 million, equivalent to 3,248 Ether (ETH). The stolen funds were transferred through Tornado Cash, a platform recognized for its ability to conceal the source of digital assets.
This has been a tough morning for me.
Two of my addresses have been compromised.
The attack is limited to my personal accounts, and has nothing to do with validation or operations of the Ronin chain.
Additionally, the leaked keys have nothing to do with Sky Mavis operations.…
Blockchain security firm PeckShield first identified the breach, noting a large withdrawal from the Ronin Bridge and attributing it to a compromised “whale wallet”. Aleksander Larsen, another co-founder of the Ronin Network, clarified that the breach was due to a wallet hack, not a security flaw in the Ronin Bridge.
#PeckShieldAlert It appears a whale wallet has been compromised, & ~3,248 $ETH (worth ~$9.7m) from the #Ronin Bridge was withdrawn and transferred to #TornadoCash pic.twitter.com/sRK36BQFDu
— PeckShieldAlert (@PeckShieldAlert) February 23, 2024
He reassured that the bridge, which has undergone extensive audits, has mechanisms in place to stop unusually large withdrawals. Zirlin confirmed the hack of his wallets, emphasizing that the incident was confined to his accounts and did not impact the Ronin chain or Sky Mavis’s operations. He reassured the community about the stringent security measures in place for all chain-related activities.
PeckShield concluded that the incident was due to a wallet compromise, which allowed unauthorized fund transfers. The specific circumstances leading to the exposure of the wallet keys remain undisclosed, but it is clear that the breach enabled hackers to access Zirlin’s wallets without permission.
How the Hackers Laundered Axie Infinity’s Co-Founder Stolen Funds
The investigation revealed that the hackers initially split the stolen ETH among three separate wallets before moving the assets through Tornado Cash. This method is commonly used by cybercriminals to obscure the origins and ownership of stolen funds, complicating recovery efforts.
This situation is part of a larger pattern in the cryptocurrency industry. PeckShield reports that the frequency of hacks, scams, and exploits in the crypto sector fell by 27.8% in 2023 compared to the year before. However, despite this decrease, the total losses were approximately $2.61 billion, underscoring the substantial financial consequences these incidents still pose. DeFi protocols are particularly vulnerable, making up 67% of the total stolen value.
This incident highlights the potential risks associated with digital assets and the importance of robust security measures. It underscores the need for ongoing vigilance and the implementation of advanced security protocols to protect digital assets.