Axie Infinity co-founder, Jeff “Jihoz” Zirlin, recently suffered a significant loss after two of his crypto wallets were compromised, resulting in the theft of approximately 3,248 ETH, valued at roughly $9.7 million at the time of the incident. The attack highlights the ongoing vulnerability of crypto wallets and the importance of robust security measures.

On February 23, blockchain investigator PeckShield notified of a “whale wallet” attack over the Ronin Bridge, stating that the hacker stole 3,248 ETH. Aleksander Larsen, the co-founder of Ronin Network, quickly commented that “the (Ronin) bridge itself has top security” and suspected a wallet breach instead.

Larsen further stated that the Ronin Bridge has been reviewed and is set to pause if an unusually significant withdrawal is discovered. Shortly later, Zirlin revealed that two of his personal wallets had been compromised. He stated that the attack was not caused by flaws in the Ronin chain or Sky Mavis operations, and added:

“I want to reassure everyone that we have strict security protocols in place for all chain-related activity.”

PeckShield that the main cause of the hack was a “wallet compromise,” which enabled unlawful outbound transfers of cash.

While no particulars concerning the events leading up to the hack were provided, Zirlin’s note implies that the private keys of the two wallets were released, allowing unauthorized access to his personal crypto wallets. According to PeckShield’s examination of the hacked wallets from Ronin Bridge v2, the 3,248-ETH loot was initially split and transferred to three distinct wallets. The funds finally made their way into Tornado Cash, a site that hackers frequently utilize to hide the ownership and traceability of their funds.

On February 1, Binance froze $4.2 million in stolen XRP XRP$0.53, as part of the $112 million hack on Ripple co-founder Chris Larsen’s personal wallet on January 31.

Unlike Axie Infinity’s Jihoz hacker, Larsen’s hacker did not use crypto mixer services or decentralized exchanges to conceal their identify. As a result, Binance was able to locate and secure some of the cash from the hacker’s access.