Report suggests transfer of $625 million, allegedly stolen by Ronin hackers, into Bitcoin network.
The Ronin Hackers Have Split the Stolen Assets, Dumping Ethereum onto Bitcoin
It appears that the notorious Ronin hackers have been up to their old tricks again. According to the findings of blockchain investigator and developer, @blitezero, the hackers have shifted the pilfered assets from Ethereum to the Bitcoin network. Here's a breakdown of how they pulled it off.
The Dance of the Dollars
Following the Ronin Bridge Heist in March, the attackers moved the swiped $625 million worth of USDC and ETH to Ethereum-based crypto mixer Tornado Cash. But this wasn't the end of the road for these cybercriminals. They continued to obscure their transactions with additional steps.
Follow the Money Trail
@blitezero has been following the money and noticed that the hackers transferred all the assets to the Bitcoin protocol using a network bridge and several crypto exchanges. After withdrawing the funds from Tornado Cash, around 6,250 ETH ($20.7 million) was sent to centralized exchanges like Binance, Huobi, and FTX before being funneled to the North Korean crypto mixer Blender.
The U.S. Treasury's Takedown
In May, the United States Treasury Department sanctioned Blender addresses, alleging that the crypto mixer aided the Ronin hackers in processing over $20.5 million of the stolen funds. Interestingly, @blitezero pointed out that most of the sanctioned Blender addresses were used by the hackers to receive funds after withdrawing from CEXs.
On to Bitcoin
The rest of the assets were converted to renBTC using platforms like 1inch or Uniswap. renBTC is essentially wrapped Bitcoin on the Ethereum network, facilitated by the Ren Protocol. This enabled the hackers to bridge the assets from Ethereum to the Bitcoin network.
The Final Mix
The hackers then sent most of the funds to crypto mixers such as ChipMixer and Blender. They first funneled the funds to ChipMixer before transferring some to Blender.
What's Next?
@bliteZero is presently analyzing the hackers' activities, acknowledging that the process will be more complex. The question on everyone's lips – "Where's the money?" remains a mystery, but rest assured, the investigation is ongoing. Let's hope for more progress in the near future!
FYI- The Ronin hackers gained control over five of nine validator nodes on the Ronin Network, a sidechain designed to enhance Ethereum scalability for the Axie Infinity blockchain game.- Law enforcement efforts, including the FBI, eventually tracked some of these transactions, freezing portions of the stolen assets on centralized exchanges to limit the hackers' access.- Several centralized exchanges, including Binance, are suspected to have been involved in the transfer of the stolen assets.
- The Ronin hackers, after the Ronin Bridge Heist, initially moved the swiped assets to Ethereum-based crypto mixer Tornado Cash.
- Following this, the hackers transferred all the assets to the Bitcoin protocol using a network bridge and several crypto exchanges.
- After withdrawing the funds from Tornado Cash, around 6,250 ETH ($20.7 million) was sent to centralized exchanges like Binance, Huobi, and FTX before being funneled to the North Korean crypto mixer Blender.
- The rest of the assets were converted to renBTC using platforms like 1inch or Uniswap, enabling the hackers to bridge the assets from Ethereum to the Bitcoin network.
- Interestingly, most of the sanctioned Blender addresses, which were used by the hackers to receive funds after withdrawing from centralized exchanges, were previously aided by the United States Treasury Department.
- Crypto investigator @blitezero is currently analyzing the hackers' activities, suggesting that the process will be more complex but aiming to uncover the mystery of where the money went.
- The ongoing investigation in finance and cybersecurity circles hopes for more progress in the near future as they work to limit the hackers' access and recover the stolen assets.
