The attackers, who pulled 173,600 ETH and 25.5M USDC, or $625 million, from Axie Infinity’s Ronin bridge, have begun a large-scale operation to cash in on their loot via high-liquidity exchanges.
Part of the stolen funds went to Binance, CZ tweeted on Friday. He also confirmed that Binance managed to track down and recover $5.8 million spread across over 86 accounts. It is unclear if Binance managed to pinpoint all of the stolen assets, or only some. No other trading platforms hackers might have used were revealed.
Last week, the FBI asserted that the attack was carried out by high-profile hacker collectives Lazarus and APT38 that the FBI described as “associated with” the Democratic People's Republic of Korea.
The attack itself happened on March 23, but the Axie Infinity team only discovered the exploit after the hackers’ unsuccessful attempt to move the looted assets, five days later. On April 4, they managed to wash a small portion using Tornado.cash mixer in a series of transactions revealed on Etherscan.