Two crypto wallet addresses belonging to Jeff “Jihoz” Zirlin, one of the five co-founders of Axie Infinity and Ronin Network, were hacked, and roughly $9.7 million worth of Ether (ETH) was stolen and siphoned across Tornado Cash.
On Feb. 23, blockchain investigator PeckShield alerted about a “whale wallet” compromise over the Ronin Bridge, reporting that the hacker made away with 3,248 ETH. Aleksander Larsen, co-founder of Ronin Network, immediately responded that “the (Ronin) bridge itself has top security” and suspected a wallet hack instead.
Larsen also highlighted that the Ronin Bridge had been audited and is designed to pause if an unusually large withdrawal is detected. Soon after, Zirlin confirmed that two of his personal wallets had been hacked. He said the attack was not due to vulnerabilities within the Ronin chain or Sky Mavis operations, adding:
Speaking to Cointelegraph, PeckShield said that the root cause of the hack was a “wallet compromise,” which allowed the unauthorized outbound transfer of funds.
This has been a tough morning for me.
Two of my addresses have been compromised.
The attack is limited to my personal accounts, and has nothing to do with validation or operations of the Ronin chain.
Additionally, the leaked keys have nothing to do with Sky Mavis operations.…— Jihoz.ron (@Jihoz_Axie) February 23, 2024
While no particular details were shared about the events that led to the hack, Zirlin’s message suggests that the private keys of the two wallets were leaked, which led to unauthorized access to his personal crypto wallets.
PeckShield’s investigation of the compromised wallets from Ronin Bridge v2 suggests that the 3,248-ETH loot was initially split and moved to three different wallets. The funds eventually made their way into Tornado Cash, a service often used by hackers to anonymize the funds’ ownership and traceability.
On Feb. 1, Binance froze $4.2 million worth of stolen XRP (XRP), a part of the $112-million hack on Ripple co-founder Chris Larsen’s personal wallet from Jan. 31.
After finding out early on about the exploit that occurred at @Ripple, we’re happy to say that the #Binance team has managed to freeze $4.2 Million worth of $XRP stolen by the exploiter.
We appreciate both the communities efforts in flagging it to exchanges – as always @zachxbt…— Richard Teng (@_RichardTeng) February 1, 2024
Unlike Axie Infinity’s Jihoz hacker, Larsen’s hacker didn’t use crypto mixer services or decentralized exchanges to hide their identity. As a result, Binance was able to track down some of the funds and block them from the hacker’s access.