Some 1,400 Ether From Ronin Exploit Is Moved to Tornado Cash
Shaurya Malwa - CoinDesk
The exploiter behind Ronin’s unprecedented $625 million bridge attack from last week apparently moved some 1,400 ether to privacy tool Tornado Cash on Monday morning, on-chain data connected to the exploit's addresses show.
- The main Ethereum address associated with the exploit sent more than 2,001 ether in two transactions to a different address – labeled “Ronin Bridge Exploiter 8” on the tracking tool Etherscan – in early Asian hours, the data show.
- Some 1,400 ether were then sent to Tornado Cash over 14 transactions, the data apparently show. The moved ether was valued at over $4.9 million at writing time.
- Tornado enhances the privacy of transactions by breaking the on-chain link between a source and a destination address. This allows exploiters and hackers to mask their addresses while withdrawing illicitly gained funds.
- Over 600 ether, valued at $2 million, remains in the Exploiter 8 wallet at writing time, the data show. The main wallet that holds stolen funds has in excess of 173,000 ether, valued at over $607 million, at writing time.
- Several thousands of ether had previously been moved to other wallets, data apparently show. Those transactions ranged from one ether to over 10 ether.
- Ronin network was hit by a $625 million exploit last week that affected Ronin validator nodes for Sky Mavis, the publisher of the popular Axie Infinity game, and the Axie DAO.
- The attacker “used hacked private keys in order to forge fake withdrawals” from the Ronin bridge across two transactions, as seen on Etherscan, Ronin said in a blog post on Substack.
- Investigations are underway, with all former Sky Mavis validators said to have been replaced.
View full text