Ronin Hacker Moves Funds via Tornado Cash

cropped favicon 32x32 1

The Ronin hacker’s decision to use centralized exchanges in laundering his stolen funds is a first within the space.

Axie Infinity’s Ronin Bridge hacker has started moving the ETH loot associated with the hack. According to available information, the blockchain address linked to the hack on Axie Infinity’s network has displayed some recent activity.

The Ronin Bridge is an Axie Infinity network enabling transfers across chains to and from the Axie Infinity ecosystem. The network lost over $600 million in late March, with the team, Sky Mavis revealing its desire to reimburse affected users.

While the bulk of the stolen digital assets had remained in the hacker’s wallet for the most part of the previous week, recent activities on the wallet have shown that the hacker could be looking to wash his loot via Tornado Cash.

1000 units of Ethereum which translate to roughly $3.5 million was moved to a different ETH address while another unit of 100 ETH was transferred to Tornado Cash.

Although the moved digital assets are just a fraction of the whole loot, the hacker’s decision to redistribute the holdings is largely understandable as he can only withdraw such large sums in fiat via centralized exchanges with sizable liquidity and trading volume.

Hackers’ Dependence on Tornado Cash

The decision of the Ronin hacker to use centralized exchanges in laundering his stolen funds is a first within the space. This is because the majority of these CEXs implement a Know Your Customer procedure meaning their identity or that of associates could be easily unraveled.

Per different reports, parts of the funds have been transferred to FTX, Huobi, and Crypto.com, among other exchanges. This means that these exchanges could play a role in helping the community nab this bad actor.

Also, the transparent nature of blockchain technology has made it possible for the community to be able to track the transactions involving the wallets associated with the stolen funds.

However, his use of Tornado Cash could make it much more difficult for the community to keep track of the transactions.

Many malicious players within the crypto industry use Tornado Cash for its ability to provide private and anonymous transactions for ETH and ERC-20 tokens. It does this by creating a break between the source and destination addresses.

According to James Ferguson, the Founder of Immutable Vision, malicious actors will often try to obfuscate stolen funds via several channels before trying to cash out the funds in fiat.

In his words, “this is when privacy blockchains fail and acts as ammunition for stricter regulations which impacts legitimate retail and institutional investors.”

Altcoin News, Blockchain News, Cryptocurrency news, Cybersecurity News, News

Oluwapelumi Adejumo

Oluwapelumi is a believer in the transformative power Bitcoin and Blockchain industry holds. He is interested in sharing knowledge and ideas. When he is not writing, he is looking to meet new people and trying out new things.