- Jeff Zirlin, co-founder of Axie Infinity and Ronin Network, had two personal Ether wallets hacked resulting in a theft of $9.7 million worth of Ether.
- The hacker transferred the 3,248 stolen ETH to Tornado Cash, a crypto mixer, making the funds difficult to track.
- While Ronin’s operations were secure, the hack demonstrates risks of storing large crypto amounts in personal wallets and using anonymizing services like Tornado Cash.
Jeff Jihoz Zirlin, co-founder of Axie Infinity and Ronin Network, had two personal crypto wallets hacked, resulting in the theft of approximately $9.7 million worth of Ether. The hacker transferred the funds to Tornado Cash, a crypto-mixing service often used by hackers to anonymize transactions.
The February Hack
On February 23, blockchain investigator PeckShield reported a hack involving 3,248 ETH stolen from the Ronin Bridge. Aleksander Larsen, another Ronin Network co-founder, said the hack was likely of a personal wallet rather than a vulnerability in Ronin’s infrastructure.
Zirlin later confirmed two of his personal wallets were compromised. He assured that Ronin’s operations were secure and the breach was limited to his personal funds. The wallet hack enabled the unauthorized transfer of Zirlin’s private keys, granting the hacker access.
The Stolen Funds in Question
PeckShield tracked the stolen 3,248 ETH as it was split and moved across three different wallets. The funds eventually reached Tornado Cash, making the trail harder to follow.
On February 1, Binance froze $42 million worth of stolen XRP from another hack. Unlike Zirlin’s hacker, those funds could be tracked as they weren’t anonymized.
Impact and Response
While the hack didn’t affect Ronin Network’s security, it demonstrates the risks of storing large amounts of crypto in personal wallets. The increased use of mixers like Tornado Cash also poses challenges for tracking down stolen funds.
The Ronin team is still investigating the details around how Zirlin’s wallet was compromised. They maintain confidence in Ronin’s infrastructure but advise users take precautions in securing their own wallets.
