Hackers Steal $9.7 Million from Sky Mavis Co-Founder

Sky Mavis co-founder Jeffrey Zirlin reported a breach of two personal wallets. The perpetrators managed to withdraw 3,248 ETH, amounting to approximately $9.7 million. 

This has been a tough morning for me.

Two of my addresses have been compromised.

The attack is limited to my personal accounts, and has nothing to do with validation or operations of the Ronin chain.

Additionally, the leaked keys have nothing to do with Sky Mavis operations.…

— Jihoz.ron ? (@Jihoz_Axie) February 23, 2024

“The attack is limited to my own accounts and has nothing to do with the validation or operation of the Ronin network. Furthermore, the leaked keys have no connection to Sky Mavis operations,” Zirlin stated.

According to PeckShield, hackers withdrew funds from the Ronin bridge and have already transferred them to the crypto mixer Tornado Cash.

#PeckShieldAlert It appears a whale wallet has been compromised, & ~3,248 $ETH (worth ~$9.7m) from the #Ronin Bridge was withdrawn and transferred to #TornadoCash pic.twitter.com/sRK36BQFDu

— PeckShieldAlert (@PeckShieldAlert) February 23, 2024

Another Sky Mavis co-founder, Aleksander Leonard Larsen, also stated that there are no issues with Ronin, and the wallet was compromised in a manner that “happens on every blockchain.”

“The bridge itself has the highest level of security, has undergone numerous audits, and is paused when too many funds are withdrawn,” he added.

In March 2022, hackers from the Lazarus Group exploited a vulnerability in the Ronin code, withdrawing crypto assets worth approximately $625 million.

A year after the incident, Sky Mavis announced plans to enhance decentralization and collaborate with other studios to develop games based on the network.  

In March 2023, the developer announced the transition of Ronin to a new consensus mechanism — Delegated Proof-of-Stake.