Cryptohack Roundup: Norway Freezes Hacked Ronin Funds

Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, the Norwegian government froze funds from the Ronin hack

Norwegian authorities have frozen and returned $5.7 million linked to the $600 million Ronin exploit, according to a statement from blockchain game developer Sky Mavis on Monday.

Ronin, an ethereum sidechain supporting the play-to-earn game Axie Infinity, was exploited by a hacker in March 2022, marking the largest decentralized finance exploit in history. The exploit has been attributed to North Korea's Lazarus Group by blockchain analysis firms and the U.S. Federal Bureau of Investigation.

According to Sky Mavis, 15% of the recovered funds will cover expenses, while the remaining funds will be credited to the Axie Infinity treasury. Law enforcement also froze $40 million in other assets, but Sky Mavis said it could not provide a timeline for the return.

"We are grateful for the Norwegian government's assistance in recovering these stolen funds. This incident highlights the critical role of international cooperation in combating cybercrime and protecting digital assets," a Sky Mavis spokesperson told Information Security Media Group.

The Ronin exploit targeted the sidechain's bridge, which enables users to transfer assets between ethereum and Ronin. To complete a withdrawal, users submit a request, which is then signed by a majority of the bridge's nine validators. Normally, these validators include Sky Mavis employees and third-party firms such as cryptocurrency exchange Binance.

However, the attacker compromised the private keys of four out of the five validators and obtained a signature from a social recovery validator, enabling them to withdraw large sums of ethereum and USDC from the bridge. The attacker used the decentralized exchange aggregator 1inch to swap half of the stolen ethereum for bitcoin.

Later in March 2022, blockchain analysis firm Chainalysis reported that $30 million of the stolen funds had been laundered through decentralized mixers and cryptocurrency tumblers.

In April 2023, Norwegian authorities seized $5.7 million linked to the Ronin exploit, according to Sky Mavis. The company did not provide further details on the recovery process or the parties involved in the seizure.

News source：https://www.kdj.com/cryptocurrencies-news/articles/cryptohack-roundup-norway-freezes-hacked-ronin-funds.html

The above is the detailed content of Cryptohack Roundup: Norway Freezes Hacked Ronin Funds. For more information, please follow other related articles on the PHP Chinese website!