The hacker of Axie’s Ronin network now has limited options after one of the most significant exploits in DeFi history.
Tuesday’s hack, a massive one in Web 3 history, rocked the crypto community. It involved a $625m exploit that took funds from Ronin (the blockchain that houses the popular Axie Infinity play-to-earn game).
Experts told CoinDesk that, despite the size of the sum stolen, the attackers will never be able to enjoy it.
Sky Mavis, an Axie developer, announced Tuesday in a blog post that the exploit led to losses of more than 173,000 in Ethereum and $25.5 million in USDC.
Observers noticed that the hacker had used centralized exchanges to fund the attack address and has been depositing thousands in ETH to various exchanges like Huobi, FTX, and Crypto.com – a move many security experts consider a mistake.
These platforms use know-your-customer verification systems. This means that these deposits can be used to identify the hacker and force them to return the money.
Tom Robinson, co-founder of blockchain analytics firm Elliptic, told CoinDesk, “If I were in their shoes I would seek to get out of the situation as quickly and efficiently as possible. That could include returning the funds.”
Know your exploiter
Experts in the industry thought that the attacker’s current scheme of laundering funds through centralized exchanges was strange.
Robinson stated that it was unusual to witness such direct flows of money from large-scale thefts to large exchanges. They could have bought accounts or used an intermediary to launder money on their behalf.
In an exclusive October report, CoinDesk found that there is a thriving black market for KYC-d accounts at centralized exchanges. Robinson pointed out that many of the exchanges used, such as Crypto.com and FTX, have strong reputations in terms of regulatory compliance and KYC.
He described the attacker’s efforts to hide their money as “surprisingly foolish.”
He said, “That doesn’t match the sophistication it would seem to require to compromise these validators in order to get their private keys.”
Robinson said that exploiters use a mixer like Tornado Cash to send the stolen funds through non-KYC-d exchanges. This is a more common strategy.
The wider crypto community expressed concern at the attacker’s strategy of laundering money.
As is the norm in the aftermath of an attack, Ethereum users used the network to communicate, and one individual attempted to give the attacker some tips on how to better launder his ETH.
“Hello, your initial deposit was from Binance. You must keep the funds in for multiple days or it can be traced,” the individual wrote as part of an Ethereum transaction. “You can then use stealthex.io for currency swaps over a longer period of time. Thank you, please tip or retire me.”
Robinson said that it was extremely difficult to launder $600 million, even with strict privacy-preserving tools and a meticulous plan. The U.S. actually found that despite the launderers taking several precautions over many years, they still managed to launder $600 million. Just last month, U.S. officials seized $3.6 billion worth of bitcoin in connection with the 2016 Bitfinex hack.