Ronin hack: Despite sanctions across levels, hacker continues to cash in the loot

Ronin Network, a cross-bridge chain that powers Axie Infinity, underwent one of the largest exploits. This resulted in a loss of 173,600 Ethereum and 25.5 million USDC, equivalent to more than $600 million. Since the breach occurred on 23 March, the stolen funds have flowed into FTX, Huobi, and Crypto.com, which have all vowed to take actions to trace the funds.

Sky Mavis, the company behind Axie Infinity, said it would compensate online participants who lost funds during the attack.

Moving without any borders

After more than a month post the attack, the exploiter still kept moving funds from one wallet to another. The hackers cashed in 28,164 ETH out of the 173,000 ETH stolen in the Ronin Bridge attack, with a current market value of $86,128,384.73.

The attackers had initially moved over 2000 ETH ($6 million) 3 weeks ago. Now the hackers are on the move again.

The Ronin Network hacker address (0x098B7…) once again transferred 33,568 ETH to a new address as per Etherscan. The current hacker address still has about 61,253 ETH. Wu Blockchain, a famed news outlet highlighted this exodus tweet on 24 April that read:

But here’s the interesting past. The U.S Treasury has connected the theft to the North Korean hacker group Lazarus Group. Likewise, added the related Ethereum (ETH) address (0x098B716B8Aaf21512996dC57EB0615e2383E2f96) to the sanctions list.

Failed lockdown? 

Here’s the precise, official version: The U.S Treasury Department’s Office of Foreign Asset Control (OFAC) added a single, solitary Ethereum address to its Specially Designated Nationals list.

Despite a lockdown, the added address to the U.S sanctions list does not appear to have halted the laundering of funds. Even in the past, and then at the time of writing.

Now, Sky Mavis had announced to reimburse all the victims in the $600 million that took place on 23 March. Binance confirmed it is leading the initial $150 million funding round with Animoca Brands, a16z, Dialectic, Paradigm and Accel also participating. Whatever the case, the damage is down. Even today, investors face challenges concerning the affected network.

When it comes to the Ronin bridge, except for the 173k ETH and 25.5 million USDC that was stolen on 23 March, the net flows have been mostly leaning towards outflows when it comes to ETH, USDC and SLP.

Source: Dune Analytics