Ronin Network Hacker Turns To Crypto Mixers

According to recent data from Etherscan, the address of the hacker who stole 173,600 ETH and 25.5 million USDC from Ronin Network saw some activity earlier today. The blockchain explorer shows that the hacker transferred 1,000 ETH to a new address, while another 200 ETH were sent to a crypto mixer known as Tornado Cash.

What Happened?

According to a blog post by Ronin Network, the project suffered a security breach in late March. The project announced on March 29th that about a week earlier, on March 23rd, Sky Mavis’ Ronin validator nodes and Axie DAO validator nodes were compromised. The project later confirmed that this was an external breach. The investigation revealed that all evidence points towards the attack being socially engineered, rather than the result of a technical flaw.

The hacker managed to steal 173,600 ETH and 25.5 million USDC, valued at $610 million at the time of writing.

In further additions to the blog post, the project recognized that the system was compromised due to the low validator node count: the network had only 9 validator nodes. To drain the funds, all the hacker needed was five out of nine signatures, the minimum required to approve transactions. They managed to take control of Sky Mavis’ four Ronin validators, and lastly, they also took over a third-party validator run by Axie DAO.
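The concentration problem described above can be checked for any threshold-signature validator set by counting operators rather than keys. The following Python sketch is an added example, not code from Ronin Network or Sky Mavis; the validator IDs and the operators of the four validators the article does not name are constructed placeholders.

```python
from collections import Counter

def min_operators_to_quorum(validators, threshold):
    """Smallest set of operators whose validators together reach the threshold.

    validators maps validator id -> operating organisation. Taking the largest
    operators first is optimal because each one contributes a plain count.
    """
    chosen, signatures = [], 0
    for operator, count in Counter(validators.values()).most_common():
        if signatures >= threshold:
            break
        chosen.append(operator)
        signatures += count
    if signatures < threshold:
        raise ValueError("threshold exceeds the number of validators")
    return chosen

def audit(validators, threshold):
    """Summarise how far real operator independence falls short of the threshold."""
    counts = Counter(validators.values())
    return {
        "validators": len(validators),
        "threshold": threshold,
        "distinct_operators": len(counts),
        "largest_operator_keys": max(counts.values()),
        "operators_to_quorum": len(min_operators_to_quorum(validators, threshold)),
    }

# Constructed layout: the article names Sky Mavis (4 validators) and Axie DAO (1);
# the other four operators are placeholders.
RONIN_LIKE = {f"validator-{i}": "Sky Mavis" for i in range(1, 5)}
RONIN_LIKE["validator-5"] = "Axie DAO"
RONIN_LIKE.update({f"validator-{i}": f"placeholder-operator-{i}" for i in range(6, 10)})

# Constructed comparison: nine validators, nine independent operators.
SPREAD = {f"validator-{i}": f"placeholder-operator-{i}" for i in range(1, 10)}

if __name__ == "__main__":
    for name, layout in (("concentrated", RONIN_LIKE), ("spread", SPREAD)):
        print(name, audit(layout, threshold=5))
```

A nominal 5-of-9 threshold protects only as well as `operators_to_quorum` suggests: when one organisation holds four of the keys, a single additional signer is all that separates it from quorum.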

The funds were drained in only two transactions, one for the stolen Ethereum coins, and one for USD Coin. For a time, they were dormant in a wallet, and until April 4th, there was no activity involving the funds.

Earlier today, however, the attacker started splitting the funds into smaller transactions and sending them to different locations.

The Misuse of Crypto Mixers

In the early days of the crypto industry, transactions were anonymous because users did not have to reveal their identities to use cryptocurrencies. Today, that is not the case, as most exchanges no longer allow users to trade on their platforms without going through KYC procedures. This lack of anonymity has resulted in bad actors relying on crypto mixers.

These are services that allow users to deposit their coins and tokens into a pool and take out the same amount. Along the way, however, the deposited coins get mixed with others in the same pool, and there is no telling which of the service’s users will receive the stolen coins.

The attacker will leave the service with the same amount they put in, made up of a mix of their stolen coins and coins belonging to other users (who were probably seeking a degree of anonymity for their wallets). If a hacker splits and mixes their coins into smaller amounts to be sent to new wallets, they can completely evade blockchain trackers and deposit their coins to one or multiple exchanges without fear of being caught. In this case, the service used was Tornado Cash.

While many recent major DeFi hacks have resulted in attackers returning stolen coins (and simply wishing to teach projects a lesson in security), the fact that this hacker started using mixers indicates that they plan to keep the profits for themselves.
