Axie Infinity co-founder gets hacked and loses R$48 million

Jihoz, co-founder of the popular game Axie Infinity, fell victim to a hacker attack that resulted in a loss of $9.7 million, approximately 48 million reais. Jihoz’s personal wallet was compromised, allowing hackers to steal more than 3 million RON tokens from the Ronin network.

According to the businessman, the tokens were exchanged for Ethereum (ETH), causing the price of the RON token to fall by 9%, according to information from CoinMarketCap.

The Ancilia security team was the first to notice the suspicious movements, which initially indicated a problem with the Ronin Bridge itself.

However, this theory was quickly refuted by Axie and Ronin’s COO, who assured that the network bridge is secure, had undergone several audits and had mechanisms in place to interrupt suspicious recording activity.

“This was a difficult morning for me. Two of my addresses have been compromised. The attack is limited to my personal accounts and has nothing to do with validation or Ronin network operations.”said the co-founder of Axie Infinity.

“I’ll get through this. I will continue on this magical journey with all of you.”concluded.

The personal addresses of the Axie Infinity co-founder have been hacked

Security firm Peckshield revealed that more than 3,000 ethers were drained from Ronin Bridge, a working part of the game Axie Infinity.

According to Peckshield, the heist consisted of well over a dozen transactions involving three different wallets.

As the company’s post shows, some of the money was moved between criminal wallets before being deposited into Tornado Cash, further complicating tracking.

It is worth remembering that Axie Infinity gained popularity with its innovative ‘play to earn’ model, especially during the latest cryptocurrency market boom in 2021.

To circumvent Ethereum’s high transaction fees, Ronin Network was developed as a low-cost solution for players to manage their assets.

Hacking history

This is not the first security incident involving Axie Infinity; by 2022, the Ronin Bridge had already been affected, resulting in losses of millions of dollars. The money stolen in this latest attack was deposited into Tornado Cash, a service known for mixing cryptocurrencies to hide the provenance of assets.

Ronin Bridge’s security record includes a devastating attack in March 2022 that resulted in losses worth approximately $625 million in Ether and USDC, a scam attributed to the North Korean-sponsored hacker group Lazarus.

The attack was made possible by the compromise of validator keys, highlighting the risks associated with blockchain bridges, which have become attractive targets for digital criminals.

Hackers have targeted prominent figures in the blockchain and crypto space over the past month. A similar case occurred on January 31 when Ripple made headlines when Ripple’s CEO was hacked and lost R$535 million.

Returning to the Axie Infinity co-founder’s hack, some Twitter/X users were skeptical, arguing that while the bridge was not compromised, the hacked wallet appeared to be under the control of the Ronin Network team.

However, Jeff ‘Jihoz’ stated that the compromised wallets were two of his personal addresses and as such were not related to the Ronin network.

The exploitation took place because of “leaked keys,” Zirlin emphasized, which were not related to the activities of the company that created Axie Infinity, Sky Mavis.

Jihoz and the Axie Infinity team have not yet detailed how the hack was carried out, but the case could be the result of a social engineering attack, exemplified by the previous Ronin network hack that came from a malicious PDF sent to the project team was sent.

Source: Live Coins