Ronin Network (Axie Infinity) Hack 2022 — $625M Exploit Analysis

North Korean Lazarus Group compromised 5 of 9 Ronin validator private keys, enabling unauthorized withdrawals from the bridge.

Details

Full Description

Attackers compromised 4 Sky Mavis validator keys and 1 Axie DAO validator key through a spear-phishing attack on a Sky Mavis employee. With 5/9 signatures, they drained the Ronin bridge in two transactions. The hack went undetected for 6 days until a user reported inability to withdraw funds.

Laundering Analysis

ETH sent to Tornado Cash mixer in batches. Some funds routed through Blender.io (later sanctioned). A portion converted to BTC via RenBridge. US Treasury sanctioned associated Ethereum addresses. Approximately $30M recovered by US DOJ in 2022.

Sources

Transaction Hashes

Related Hacks

Back to Browse