It has been almost 6 months since hackers, later linked by the US government to the North Korean Lazarus Group cybercriminal organization, took down the bridge of Ronin Network (RON), the Ethereum-connected sidechain of the P2E game Axie Infinity. The attacker siphoned more than 622 million USD, making this the most serious security incident in the history of the cryptocurrency industry and surpassing Poly Network's record of $611 million in 2021.
As of today (September 9), Chainalysis and US law enforcement have tracked down and recovered $30 million in stolen funds.
2/ With the help of law enforcement & leading orgs in the #crypto industry, more than $30M worth of #crypto stolen by North Korean-linked hackers has been seized. In this thread, we discuss how the Chainalysis Crypto Incident Response team played a role. https://t.co/lpbFUlXNJt
— Chainalysis (@chainalysis) September 8, 2022
“We noticed the hacker bridged ETH from Ethereum to BNB Chain and then transferred ETH to USDD, bridging with BitTorrent chain. The Lazarus Group has performed hundreds of similar transactions on several blockchains to launder the money stolen from Axie Infinity, alongside Tornado Cash as usual.”
Erin Plante, Elliptic's global head of investigations, said:
"This is the first time cryptocurrency stolen by a North Korean hacker group has been seized, and we're confident it won't be the last."
But it must be admitted that the amount confiscated is insignificant compared to the total amount of money stolen by the hacker group and is only a "grain of sand" in the desert.
Coin68 previously reported on the path the attacker took, based on the report of on-chain investigator “₿liteZero”, who works for SlowMist and contributes to the company's mid-2022 Blockchain Security report.
Ronin is still in the recovery and rebuilding stage. Immediately after the security incident, the project raised 150 million USD to compensate users for 100% of their losses; opened a Bug Bounty program with a prize of 1 million USD; announced a project reform plan; conducted an audit before reopening the bridge; applied a new governance mechanism; set a maximum daily withdrawal limit; and, most recently, in mid-August, announced an increase in the number of transaction-validating nodes to enhance network security, moving closer to the 3-month goal of establishing 21 independent nodes and, in the more distant future, 100 active nodes.