Axie Infinity co-founder, Jeff “Jihoz” Zirlin, recently suffered a significant loss after two of his crypto wallets were compromised, resulting in the theft of approximately 3,248 ETH, valued at roughly $9.7 million at the time of the incident. The attack highlights the ongoing vulnerability of crypto wallets and the importance of robust security measures.
On February 23, blockchain investigator PeckShield notified of a “whale wallet” attack over the Ronin Bridge, stating that the hacker stole 3,248 ETH. Aleksander Larsen, the co-founder of Ronin Network, quickly commented that “the (Ronin) bridge itself has top security” and suspected a wallet breach instead.
Hacked or not hacked? @Ronin_Network
— PeckShieldAlert (@PeckShieldAlert) February 23, 2024
0x73f428e1037a310d472A24100dA37fB1d8dEC8B8
0x39F817976C51A91b60145feBad81067e69713105
0xA4017DE6460bD63a77404dd2C2344D6135eD13b2 https://t.co/WQxaY9n5OR pic.twitter.com/5KURCJAW77
Larsen further stated that the Ronin Bridge has been reviewed and is set to pause if an unusually significant withdrawal is discovered. Shortly later, Zirlin revealed that two of his personal wallets had been compromised. He stated that the attack was not caused by flaws in the Ronin chain or Sky Mavis operations, and added:
“I want to reassure everyone that we have strict security protocols in place for all chain-related activity.”
PeckShield that the main cause of the hack was a “wallet compromise,” which enabled unlawful outbound transfers of cash.
This has been a tough morning for me.
— Jihoz.ron 🦌 (@Jihoz_Axie) February 23, 2024
Two of my addresses have been compromised.
The attack is limited to my personal accounts, and has nothing to do with validation or operations of the Ronin chain.
Additionally, the leaked keys have nothing to do with Sky Mavis operations.…
While no particulars concerning the events leading up to the hack were provided, Zirlin’s note implies that the private keys of the two wallets were released, allowing unauthorized access to his personal crypto wallets. According to PeckShield’s examination of the hacked wallets from Ronin Bridge v2, the 3,248-ETH loot was initially split and transferred to three distinct wallets. The funds finally made their way into Tornado Cash, a site that hackers frequently utilize to hide the ownership and traceability of their funds.
On February 1, Binance froze $4.2 million in stolen XRP XRP$0.53, as part of the $112 million hack on Ripple co-founder Chris Larsen’s personal wallet on January 31.
https://twitter.com/RichardTeng/status/1753100751713517903?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1753100751713517903%7Ctwgr%5E1f6bea8783f4352567841a92fe089f6ef975ee53%7Ctwcon%5Es1&ref_url=https%3A%2F%2Fcointelegraph.com%2Fnews%2Faxie-infinity-co-founder-wallet-hack
Unlike Axie Infinity’s Jihoz hacker, Larsen’s hacker did not use crypto mixer services or decentralized exchanges to conceal their identify. As a result, Binance was able to locate and secure some of the cash from the hacker’s access.