What's in this article
The attackers moved $625 million USDC and ETH to Ethereum-based crypto mixer Tornado Cash, making it difficult for authorities to monitor the movement of funds. But Tornado wasn’t the last as hackers took more steps to obfuscate transactions.
Follow the Money
₿liteZero said it tracked the stolen funds and noticed that the attackers transferred all assets to the Bitcoin protocol using a network bridge.
I’ve been tracking the stolen funds on Ronin Bridge.
I’ve noticed that Ronin hackers have transferred all of their funds to the bitcoin network. Most of the funds have been deposited to mixers(ChipMixer, Blender).
Using Centralized Exchanges
The blockchain researcher found that after hackers withdrew money from Tornado Cash, they sent the funds around 6,250 ETH ($20.7 million) to centralized exchanges (CEXs) like Huobi and FTX.
In May, the United States Department of the Treasury approved Blender addresses, stating that the crypto mixer Ronin helped hackers process over $20.5 million in stolen funds.
Interestingly, ₿liteZero noted that most of the verified Blender addresses were used by Ronin hackers to receive money after being pulled from CEXs.
Hackers Bridged Stolen Funds to Bitcoin Network
The hackers converted the rest of the assets into renBTC using 1 inch or Uniswap. Ren enables the movement of value between blockchains. The hackers managed to connect the assets from Ethereum to the Bitcoin network.
Later, the hackers sent most of the funds to crypto mixers like ChipMixer and Blender. They transferred the funds to ChipMixer before pulling some of it into Blender.
₿liteZero, in closing its Twitter message, said that they are currently trying to analyze the hackers.
I’m working on analyzing Ronin hackers, and the next work will be more complex. ‘Where’s the money?’ It is a mystery to be investigated, and I look forward to more progress being made. Thanks for taking the time to read my thread, good luck!