Ronin crypto hack: Recovering stolen funds ‘remains an open question,’ analyst says

TRM Labs Head of Legal and Government Affairs Ari Redbord joins Yahoo Finance Live to discuss the second largest theft seen in crypto.

Video transcript

BRIAN CHEUNG: Well, let's continue talking about this because one of those top four gaming coins that Brad just talked about, again, is an Axie Infinity, but there was news yesterday that hackers stole more than $615 million worth of crypto, Ether and also USDC stablecoin, linked to the game. It's a lot of jargon, but basically one of those play-to-earn games apparently had a vulnerability that was exposed. Let's bring in Ari Redbord, TRM Labs head of legal and government affairs. This is a serious deal, Ari. It's the second largest theft scene in crypto, again, hackers apparently able to exploit the side chain that serves as the rails for transactions in this game. Simple question here, will the people that are affected by this, should they expect to get their money back? ARI REDBORD: Yeah, I know. It's a great question, and thank you for having me. And that was a great lead-up because to understand this hack, it's really important to kind of understand the business model. And just sort of level setting for a moment, look, essentially, what happened here is that Axie Infinity and the parent company created a blockchain in order to handle all of these transactions called Ronin. And even while the game is based on the blockchain, Ethereum, what Ronin did was create a bridge to allow users to sort of do cheaper transactions on that blockchain. And this attacker really went after this bridge and was able to essentially steal private keys, hack into private keys, to give them access to the bridge, where they drained about $625 million in today's number. I think, really, the question about getting these funds back is really an open question today. I think one of the unique situations here is given the quality-- the qualities of the blockchain, this sort of open transparent ledger, you know, TRM and others are tracing transactions and following these transactions in real-time, hopefully with the prospect of seizing back these funds, whether it's law enforcement or someone else. But I think this definitely remains an open question. AKIKO FUJITA: Yeah, and Ari, that's been the interesting part in all of this, whether it is-- we can look at it as positive or not, you look at something like the hack with Bitfinex. They were able to trace the coin back then, when we're talking about $3.6 billion. So if you're talking about the quality of the blockchain, how do the gaming coins hold up? ARI REDBORD: Yeah, no, it's a really interesting question. And, you know, with the Bitfinex-- in the Bitfinex case, you essentially had those individuals launder funds across blockchains and years, using every obfuscation technique that was available to them, mixing services and privacy coins. Here, it's interesting. What we saw over the course of the last five days is essentially the attackers just go right to a cryptocurrency exchange to attempt to off-ramp these funds. Because as you know, look, the blockchain is immutable, and it's highly visible. So the world is watching these transactions. So rather than to try to obfuscate flows, these attackers try to get to an off-ramp as quickly as possible. Very, very different than the Bitfinex case. BRIAN CHEUNG: Now what's interesting about the Bitfinex case is that that was the DOJ and those investigating the case kind of unearthing that situation. In this case, we're seeing this self-reported by the gaming company and also the operator of the bridge that was also part of the hack here. Now what's the next step here? Should the expectation be that you're going to see state, maybe federal investigators try to figure out if they can trace the fingerprints to who this is? Because it seems like that's still the open question here, whether or not the people that were responsible for stealing this money will ultimately be held responsible. ARI REDBORD: It is very hard. I spent about 11 years as a federal prosecutor. And the Bitfinex case is really extraordinary because of the fact that we were actually able to arrest the individuals involved. Oftentimes, when you have nation state actors like North Korea and others, it is very, very difficult to make arrests. Excuse me. And this might be a similar situation. It is often very, very difficult. You have Russian cyber criminals and North Korea state actors like Lazarus Group. It is often very, very difficult to actually make arrests in these kinds of cases. But I can tell you, given the amount, law enforcement-- and not just law enforcement-- forensics companies like TRM Labs and others, the Twitterverse, you know, everyone is watching these funds move. And at this moment, they're essentially sitting in wallets. But again, the world is watching. And that's the really, really interesting thing about the nature of the blockchain and the sort of open ledger, where you do have this self-policing, this community of sort of super sleuths who are watching these transactions. AKIKO FUJITA: Ari, there is a larger question about security. And I realize that we're talking about the blockchain. We're still in early days here, but what do you see as the biggest missing piece? How do these, whether it's Bitfinex, or for talking about specifically, Axie, how do they beef up their security in light of what has played out? ARI REDBORD: It's a great question. And it really, really does still come down to cybersecurity, which is the issue for non-crypto businesses as well, right? And I think the key here is right now, we have a very, very nascent cryptocurrency industry. We have new businesses who are really just working to build out these cyber defenses and these compliance controls. You're seeing it happen. But the fact is in the age of crypto, a hack means the loss of life savings potentially. And it's just so critical that these businesses do everything that they can to, on the one hand, harden cyber defenses, just like any other financial institution or business. But then on the other hand, really ensure that you have blockchain intelligence and other sort of controls in place in order to track and trace the funds if there is an attack. And you see sort of Axie and the Ronin blockchain attempting to do all of that in real-time today.