CZ revealed on Twitter that Binance has recovered a tiny fraction of the assets stolen from Axie Infinity recently. 5.8 million of the $625 million stolen was seized after a laundering attempt.
Start of the recovery of Axie Infinity assets?
Recently, we counted the assets that Ronin (Axie Infinity) hackers were unable to launder: about $433 million. Because stealing is one thing, but making the money accessible is another.
That’s why Lazarus Group used “more than 86 accounts” to transfer some of its loot. Changpeng Zhao’s April 22 tweet highlighted this practice in addition to announcing the seizure of the $5.8 million recovered.
“The DPRK hacker group began moving the stolen funds to Axie Infinity today. Part of it was transferred to Binance, spread over 86 accounts. 5.8 million has been recovered. We’ve done this several times for other projects in the past as well. Stay #SAFU.”
Lazarus Group is not on its first strike. On the counter of the North Korean hacker group are of course several acts of hacking. To cite only:
- The WannaCry ransomware attack in 2017;
- the Sony Pictures raid in 2014;
- cyber attacks on pharmaceutical companies like AstraZeneca in 2020 ;
In late March, the same group struck hard at Ronin Bridge, the blockchain that powers Axie Infinity. In early April, the pots were discovered and a laundering operation of about $7 million in cryptos on Tornado Cash. An operation that turned out to be easy since the latter presents itself as a tool capable of disguising transactions of this kind. Indeed, Tornado Cash can break the link between the source of funds and their destination.
The Ronin Bridge hack
On March 23, hackers stole 173,600 ethereum (ETH) and 25.5 million USDC stablecoins from Ronin Bridge. Knowing that the latter is none other than the custom sidechain of Sky Mavis, connecting Axie Infinity to Ethereum.
Strangely enough, the theft was not recognized until 6 days later. And it took another week to see Binance react. Because on the occasion, this exchange had to raise a $150 million fund with the support of Animoca Brands and a16z. This is how CZ wanted to ease the pain of the victims of the biggest hack in the history of cryptocurrencies. But this money will also be used to boost the security level of Ronin and Axie Infinity.
To note, SkyMavis called the Ronin bridge hack “social engineering”. It accused a small group of validators as perpetrators of the slidechain security breach. After raising the $150 million, the Axie Infinity developer plans to increase the number of validators from 5 to 20 in the next three months.
To think that last week, Sky Mavis challenged bounty hunter hackers. Whoever can identify “extraordinarily serious” vulnerabilities in Axie Infinity’s Ronin Bridge will get $1 million.