Axie Infinity

TL-DR breakdown

  • Hackers compromised Jeff Zirlin’s wallets, stealing 3,248 Ethereum worth about $9.7 million.
  • PechShield was the first to report this security breach involving a crypto laundering process at Tornado Cash.
  • Despite the personal loss, Jeff assures Axie Infinity users that its network remains secure without impacting their operations.

Jeff Zirlin, the co-founder of Axie Infinity, a popular blockchain game, suffered a major security breach from his cryptocurrency wallets. Hackers managed to get away with 3,248 Ethereum, valued at around $9.7 million. Once again, this occurrence highlights a vulnerability in the security threats linked to digital assets.

Scheme Behind Jeff’s Security Breach

Blockchain security experts at PechShield were the first to report this incident. They identified that Jeff’s crypto wallet, Ronin, had been compromised. The hackers behind this scheme went further, laundering the stolen digital assets at Tornado Cash. This notorious move commonly hides the cryptocurrency’s origin, making it hard to trace.

On X, Jeff Zirlin confirmed that this attack only targeted his assets. He stressed that Axie Infinity and its associated networks remained unaffected.

“This has been a tough morning for me. Two of my addresses have been compromised. The attack is limited to my personal accounts and has nothing to do with the validation or operations of the Ronin chain. Additionally, the leaked keys have nothing to do with Sky Mavis operations. I want to assure everyone that we have strict security measures in place for all chain-related activities. Thank you to everyone that’s reached out. I’m safe.”

In response to Jeff Zirlin’s claim, Aleksandar Larsen, a co-founder of Robin Network, assured their users that their assets were intact. He clarified that Jeff’s loss was due to a compromised personal wallet, not a failure in system security.

“The bridge has no issue, and Ronin is not compromised—extremely misleading title. A wallet has clearly been compromised, like what happens on every chain, and the funds are being tornado-cashed. The bridge itself has top security, been through many audits and goes on pause when too much is being withdrawn.”

Robin Network emphasized that two of Zirlin’s wallets were compromised. The loss was 3.2 million RON, 282.32 WETH, 160,000 PIXEL, 2.76M SLP, 2,042 USDC, and 164 AXS. The attackers converted these assets to ETH.

Ronin’s $625 Million Hack

Jeff Zirlin’s wallet attack comes two years after Ronin Bridge experienced a similar incident. Ronin lost $625 million through flaws in its security system, but unlike Zirlin’s case, Ronin’s attack did not involve crypto laundering tricks. This facilitated the tracing of the stolen assets.

Security experts attributed the attack on Ronin to a North Korean hacker group, Lazarus. They were able to access Ronin Bridge’s assets owing to inadequate decentralization within the Ethereum gaming sidechain. In a swift response, officials managed to reclaim $30 million of the stolen funds. Sky Mavis took responsibility for ensuring reimbursement of the recovered funds, showing commitment to user security.

As firms remain vigilant in their security measures to prevent future attacks, users should be careful while dealing with their digital assets. The role of safeguarding digital assets is a mutual responsibility.

Also read: 400 Million Dogecoin Vanish Suddenly: Is Doge in Danger?