After almost five months, the investigation reveals new information concerning Ronin’s bridge exploit.
The Ronin bridge, an Ethereum sidechain built for Axie Infinity, was purloined for $625 million back in March. It appears that the stolen funds were transferred from Ethereum (ETH) to Bitcoin (BTC) blockchain.
According to the blockchain investigator or developer ₿liteZero, the majority of funds have been relocated to Blender and ChipMixer in Bitcoin network.
The investigator notes that before reaching the Bitcoin blockchain, stolen funds were often moved from one mixer or crypto exchange to another on Ethereum blockchain.
The investigation revealed that funds were exchanged to ETH and transferred to sanctioned Tornado Cash. One of the most prominent qualities of the Ethereum-based crypto mixer is its anonymity, making responsible authorities struggle to track the movement of stolen funds.
₿liteZero has found out that the hackers were extremely cautious and didn’t stop with Tornado Cash. They firstly moved a part of their funds, around 6,250 ETH, to centralized exchanges (CEXs). It has been estimated that hackers transferred 5,028 ETH to Huobi and 1,219 ETH to FTX.
Afterward, it seems that the thieves used Ren protocol to convert distributed Ether (ETH) to Bitcoin (BTC). The ₿liteZero report revealed that hackers transferred 439 BTC to sanctioned North Korean mixer Blender.
Back in May, the United States Treasury Department sanctioned specific Blender addresses. ₿liteZero in its Twitter thread notes:
I’ve found the answer in Blender sanction addresses. Most Blender sanction addresses are Blender’s deposit addresses used by Ronin hackers. They have deposited all their withdrawal funds to Blender after withdrawing from the exchanges.
Bridge attacks seem to become a popular technique for hackers to exploit crypto funds. On August 2nd, Nomad bridge was drained of almost all of its funds, $190,7 million in crypto.
This article was originally published in Bitdegree and can be viewed here: