Security

Ronin Hackers Have Moved The Stolen $625M to Bitcoin Network: Report

Ronin hackers have transferred the stolen assets from Ethereum to the Bitcoin network, according to new findings by blockchain investigator and developer ₿liteZero.

Recall that after the Ronin bridge hack in March, the attackers moved the $625 million worth of USDC and ETH to Ethereum-based crypto mixer Tornado Cash, making it difficult for authorities to trace the movement of the funds. But Tornado wasn’t the end as the hackers took further steps in obscuring the transactions.

Follow the Money

₿liteZero said he has been tracking the stolen funds and noticed that the attackers had transferred all the assets to the Bitcoin protocol using a network bridge and several crypto exchanges.

I’ve been tracking the stolen funds on Ronin Bridge.
I’ve noticed that Ronin hackers have transferred all of their funds to the bitcoin network. Most of the funds have been deposited to mixers(ChipMixer, Blender).

This thread? will illustrate the tracking analysis procedures.?? pic.twitter.com/yrazcJ22xF

— ₿liteZero (@blitezero) August 20, 2022

Using Centralized Exchanges

The blockchain investigator found that after the hackers withdrew the funds from Tornado Cash, they sent about 6,250 ETH ($20.7 million) to centralized exchanges (CEXs) such as Binance, Huobi, and FTX before sending the funds to North Korean crypto mixer Blender.

In May, the United States Treasury Department sanctioned Blender addresses, noting that the crypto mixer assisted the Ronin hackers in processing over $20.5 million of the stolen funds.

Interestingly, ₿liteZero stated that most of the sanctioned Blender addresses were used by the Ronin hackers to receive funds after withdrawing from CEXs. Following the money, the investigator noted that the total funds withdrawn from the exchanges amounted to $20.72 million, consistent with the U.S. Treasury’s accusation.

Hackers Bridged Stolen Funds to Bitcoin Network

The hackers converted the rest of the assets to renBTC using 1inch or Uniswap. renBTC is wrapped bitcoin on the Ethereum network powered by Ren Protocol. Since Ren enables the movement of value between blockchains, the hackers were able to bridge the assets from Ethereum to the Bitcoin network.

Afterward, the hackers sent most of the funds to crypto mixers such as ChipMixer and Blender. They transferred the funds to ChipMixer before withdrawing some to Blender.

In concluding the Twitter thread, ₿liteZero said they are currently working on analyzing the hackers, although they believe that will be more complex.

I’m working on analyzing Ronin hackers, and the next work will be more complex.

‘Where’s the money?’
It is a mystery to be investigated, and I look forward to more progress being made.
Thanks for taking the time to read my thread, good luck!

— ₿liteZero (@blitezero) August 20, 2022

   

Source

Click to rate this post!
[Total: 0 Average: 0]
Показать больше

Добавить комментарий