BREAKING: $7 million worth of Ether moved from address associated with Axie Infinity hack

On-chain data reveals that 2,001 Ether was moved today from the addresses connected to the $625 million exploit of Axie Infinity’s sidechain, the Ronin network.

Ether Scan, the Ethereum blockchain explorer, revealed that exactly 2,001 Ether worth approximately $7 million, was moved in the last 8 hours and about 70% or 1,400 Ether worth $4.9 million of the moved Ether passed through the privacy tool, Tornado Cash.

Tornado Cash is a decentralized, non-custodial privacy solution built on Ethereum. It is a privacy tool that enhances the privacy of transactions by breaking the on-chain link between a source and a destination address. This allows exploiters and hackers to mask their addresses while withdrawing illicitly gained funds.

What you should know

• Tornado Cash uses zero-knowledge proofs to achieve privacy. When a user decides to make a withdrawal, the user must provide proof that he or she possesses a secret corresponding to one of the smart contract’s list of deposits.
• The technology allows this proof to be verified without the user needing to reveal which exact deposit corresponds to their secret. The smart contract then checks the proof, and transfers deposited funds to the address specified by the withdrawal transaction. Any external observer is unable to determine which deposit this withdrawal is linked to.
• TORN is Tornado Cash’s native governance token. It’s a fixed-supply ERC-20 token that is used for voting on protocol upgrades and fixes.
• The main Ethereum address associated with the exploit sent 2,001 Ether in two transactions, one 1,001 Ether and the other 1,000 Ether, to a different address, labeled “Ronin Bridge Exploiter 8” on the tracking tool Etherscan.
• Over 601 Ether, valued at $2.1 million, remains in the Exploiter 8 wallet as of the time of this writing. The main wallet that holds stolen funds still holds 173,912.76 Ether, valued at over $608 million, as of the time of this writing. Before today, 6,250 ETH ($21.8 million) has been transferred to various other addresses.

Ronin network was hit by a $625 million exploit last week that affected Ronin validator nodes for Sky Mavis, the publisher of the popular Axie Infinity game, and the Axie DAO. The attacker “used hacked private keys in order to forge fake withdrawals” from the Ronin bridge across two transactions, as seen on Etherscan, Ronin said in a blog post on Substack. Investigations are underway, with all former Sky Mavis validators said to have been replaced.