Unfortunately, a vast majority of the stolen funds still remain in the hands of the hacker.
Via a Twitter post on Friday, Changpeng Zhao, CEO of Binance, said that the cryptocurrency exchange recovered $5.8 million spread over 86 accounts in digital assets moved to the exchange by Lazarus Group. Last month, the North Korean cyber-criminal group allegedly stole 173,600 Ether (ETH) and 25.5 million USD Coin (USDC), worth over $600 million at the time, belonging to Axie Infinity’s Ronin bridge.
As of Friday, the wallet address associated with the Ronin has around $280 million in digital assets remaining. Blockchain forensics company Elliptic recently uncovered that the hackers have been sending the money to centralized exchanges and cryptocurrency trail-mixer decentralized application, or DApp, Tornado Cash. In addition, it appears the hackers also swapped the stolen USDC for Ethereum on decentralized exchanges, or DEXs.
Possibly in response to alleged acts of money laundering, Uniswap DEX announced it was screening addresses that might be associated with moving “hacked or stolen funds” based on intelligence provided by TRM Labs.
Similarly, via Chainalysis, Tornado Cash is blocking wallets linked to illicit activity from accessing its DApp.
However, as told by its founder, Roman Semenov, the new screening process only blocks users from accessing its DApp user interface and does not prevent the movement of funds into its underlying smart contract.
Despite the incident, Axie Infinity creator Sky Mavis recently closed a $150 million funding round led by Binance. The funds will partly be used to reimburse investors who suffered losses in the exploit. In addition, the remaining amounts will be compensated via Sky Mavis’ own money. If the stolen funds are not fully recovered within two years, the Axie decentralized autonomous organization will vote on the next steps for the treasury.