Following the $620 million attack on Axie Infinity’s Ronin sidechain, one researcher has traced fund flows to sanctioned crypto mixers.
The attackers used hacked private keys to make ETH and USDC withdrawals from the Ronin sidechain, a so-called crypto bridge designed to help Axie Infinity players move tokens between blockchains.
During the attack on March 23, 2022, hackers pilfered 173,600 ETH and 25.5 million USDC from Axie Infinity, a play-to-earn game, sending the stolen funds to a 42-character address on the Ethereum blockchain.
Due to the publicly visible nature of the blockchain, huge sums are challenging to move anonymously. Additionally, mixers’ optimal functioning depends on holding enough liquidity to exchange illegal funds for cleaner money.
According to Immunefi, a bug-bounty platform, mixers could take years to funnel a nine-figure amount. Hence the group resorted to incremental transactions.
How the funds moved
Hackers first passed 6,429 ETH through Tornado Cash before sending the funds to Huobi. At Huobi, the funds were converted into bitcoin. Over 5,000 ETH went to exchange FTX.
According to the Slowmist researcher, 439 bitcoin from Huobi were then passed through Blender, a bitcoin mixing tool sanctioned by the U.S. government. The hacker deposited the funds to addresses prohibited explicitly by U.S. sanctions. They then went on to convert 113,000 ETH funneled through Tornado Cash to renBTC, a form of bitcoin living on the Ethereum blockchain, by using two decentralized exchanges. The renBTC was transferred to the bitcoin blockchain, which converted it into BTC.
US Treasury tries to pin down mixing services
Mixers obfuscate the link between the origin and destination of cryptocurrencies by pooling user funds, making them an attractive tool for criminals to siphon illicit funds.
On Friday, May 6, 2022, the U.S. Treasury Department sanctioned Blender.io, a bitcoin mixing service believed to be an instrument used by North Korean hackers, The Lazarus Group, to launder funds for cybercrime. At the time, the Treasury Department said that the mixer processed over $500 million in bitcoin transactions and was used in the Axie Infinity hack.
On Aug.8, 2022, the department also sanctioned Tornado Cash, citing the mixer’s indifference to implementing adequate controls to curb illicit activity. The sanctions prevent all U.S. companies and individuals from interacting with the mixer.
While the Treasury Department claimed that Tornado Cash laundered over $7 billion since 2019, the co-founder of Elliptic, a blockchain analytics firm, thinks the government department is conflating illicit fund flows with legitimate ones and could only find $1.5 billion in criminal proceeds.
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.