In brief
- More than $30 million worth of cryptocurrency stolen from Axie Infinity’s Ronin network has been recovered by investigators, Chainalysis said.
- Crypto in the March attack was valued at $552 million at the time, but now is worth about $307 million amid a crypto market decline.
Axie Infinity’s Ronin network exploit ranks as one of the largest DeFi hacks of all time, but investigators are making progress in paring down the damage: Blockchain analytics firm Chainalysis today announced that more than $30 million worth of the stolen crypto has been recovered.
Chainalysis revealed the news at the official AxieCon event in Barcelona, alongside publication of a blog post about its findings. According to the firm, Chainalysis was able to track the funds—which the U.S. Treasury alleged were stolen by North Korea’s Lazarus hacker group—as they were laundered and eventually sent to centralized exchanges.
Law enforcement officials were able to seize the crypto funds after they arrived at exchanges, where the hackers apparently hoped to swap the tokens for fiat currency and then withdraw it, according to Chainalysis.
The Ronin network hack took place on March 23, when 173,600 WETH (Wrapped Ethereum) and 25.5 million USDC stablecoin were pilfered from the bridge that connects Axie Infinity’s custom sidechain to the Ethereum mainnet.
Collectively, that much crypto was worth $552 million at the time of the attack, but had grown to $622 million once it was disclosed to the public nearly a week later. Following May’s crypto market crash and chilly ongoing conditions, the hacked funds are only worth about $307 million today. As such, investigators have now recovered around 10% of the stolen crypto.
“This marks the first time ever that cryptocurrency stolen by a North Korean hacking group has been seized, and we’re confident it won’t be the last,” wrote Chainalysis Senior Director of Investigations, Erin Plante.
Axie Infinity is an Ethereum-based monster-battling game, and by far the most successful crypto game to date in terms of total NFT trading volume—more than $4 billion, per data from CryptoSlam. Most of that came during a hot six-month stretch of activity in 2021.
In late 2021 and earlier this year, Axie Infinity’s NFT and token prices collapsed as the game’s novel play-to-earn economy struggled amid an overwhelming supply of reward tokens and flagging demand. Developer Sky Mavis has since launched an overhauled version of the game called Axie Infinity: Origins with a free-to-play mode, along with tweaks to the rewards model.
The Ronin bridge attack was blamed on insufficient decentralization, with just nine total validators in the mix—five of which Lazarus gained control of using hacked private keys, enabling the group to illegally swipe hundreds of millions of dollars’ worth of cryptocurrency.
Sky Mavis reopened the closed Ronin bridge in late June and fully refunded all individual users, although a 56,000 ETH hole remained in the Axie DAO treasury while law enforcement sought to recover funds. A Sky Mavis representative confirmed to Decrypt today that all of the recovered funds will be put back into the Axie DAO treasury.
Stay on top of crypto news, get daily updates in your inbox.
Source: https://decrypt.co/109286/investigators-recover-30m-stolen-crypto-axie-infinity-hack