By
Godfrey Benjamin
April 26th, 2024
The Axie Infinity co-founder lost over 3,200 ETH to the hack, but assured that the situation is unconnected to Sky Mavis.
One of the Axie Infinity and Ronin Network founders, Jeff “Jihoz” Zirlin, has lost nearly $10 million in a hack on his accounts. Zirlin lost the funds in two of his crypto wallets earlier this morning. Reportedly, the hacker had already routed the assets through Tornado Cash.
Blockchain investigator PeckShield made an X post about a whale account losing funds over the Ronin Bridge. According to PeckShield, the account lost 3,248 ETH. Shortly after the post, Ronin Network co-founder Aleksander Larsen responded that “the bridge has no issue and Ronin is not compromised”. While he noted that the bridge has good security and “goes on pause when too much is being withdrawn,” he admitted that a wallet was compromised.
Axie Infinity Co-Founder Confirms Hack
Not long after, Zirlin himself confirmed that he had lost money but did not specify how much. In an X post, Zirlin said:
“This has been a tough morning for me. Two of my addresses have been compromised. The attack is limited to my personal accounts, and has nothing to do with validation or operations of the Ronin chain.”
He also assured that the leaked keys are unconnected with Sky Mavis, the parent company of both Axie Infinity and the Ronin Network.
According to PeckShield, the hackers moved the funds from Zirlin’s accounts into three individual wallets. They then pushed the funds into Tornado Cash, a tool that obscures asset ownership and makes tracing difficult.
Back in March 2022, hackers successfully drained the Ronin Bridge of more than $600 million in one of the largest hacks in all of crypto history. Ronin confirmed that it lost more than 173,000 ETH, and over 25 million USDC. The network also explained at the time that hackers were able to compromise validator nodes for Ronin and Axie DAO. This allowed the attackers to drain the funds in two transactions.
Ledger Hack
Later, the US Treasury Department linked the theft to the infamous North Korean hacker collective, the Lazarus Group. The Department then added an ETH wallet address to its Specially Designated Nationals and Blocked Persons List, known as the SDN List. At the time, the wallet had about 148,000 ETH. According to current Etherscan data, the wallet has less than 100 ETH, worth about $292,207 at present prices.
Unfortunately, security hacks and breaches are not uncommon in the crypto sector. In December, hackers successfully inserted malicious code into Connect Kit, an interfacing software used by crypto hardware wallet firm Ledger. The software, also used by other DeFi protocols, including Sushi, Lido, and MetaMask, functions as an interface to crypto hardware wallets. While Ledger lost $484,000, other decentralized apps (DApps) that use Connect Kit may have lost varying amounts.
In an official post, Ledger Chairman and CEO Pascal Gauthier explained that the exploit resulted from a phishing attack that targeted a former employee. He then confirmed that the code was removed within 40 minutes of discovery. Gauthier also assured that the exploit did not affect the Ledger Live software or any Ledger hardware wallet.
