Ronin bridge exploiter starts withdrawing their loot

The attacker, who pulled 173,600 ETH and 25.5M USDC off the Ronin bridge, has managed to withdraw a portion of their loot.

The breach, dubbed the biggest hack in crypto history, took place on March 23, but went unnoticed until the attacker attempted to withdraw 5000 ETH five days later, and failed.

Today, they seem to have used Tornado.cash mixer to wash the first batch, as evidenced by Etherscan. It’s only a fraction of the stolen sum, but the attacker had to break it down to be able to use a centralized exchange with high enough liquidity and trading volume. They used Tornado.cash to avoid recognition.

Source: Etherscan

In response to the attack, the Ronin team replaced all nine Sky Mavis validators and announced they would be adding more in the coming weeks to bolster the network’s security.

Ronin also pledged to “recover or reimburse” all of the drained funds, and quickly teamed up with Chainalysis and CrowdStrike to investigate the attack.

Binance has since resumed deposits and withdrawals for both Axie Infinity Shards (AXS) and Smooth Love Potion (SLP).