An experienced writer with practical experience in the fintech industry. When not writing, he spends his time reading, researching or teaching.
This is not the first time hackers will be moving or attempting to move funds through Tornado Cash. The crypto mixer gained popularity for being the go-to exchange for hackers who want to move their loot.
There are indications that over 5,505 Ether connected to the Ronin exploiter address have been moved through privacy exchange Tornado Cash. According to data from Etherscan, the movement happened in the early Asian hours on Wednesday. The transaction was performed in 55 batches with about 100 ether moved with each transaction.
Recall that hackers exploited the Ronin bridge of Axie Infinity and carted away crypto worth over $600 million. Afterward, the treasury department linked the wallet used in the attack to the North Korean-based Lazarus Group. Consequently, the wallet address was sanctioned. It seems however that this has not stopped the hackers from moving the funds using Tornado Cash.
Not Anything New
This is not the first time hackers will be moving or attempting to move funds through Tornado Cash. The crypto mixer gained popularity for being the go-to exchange for hackers looking to move their loot.
The protocol makes it impossible to trace intra-wallet transactions. It uses pre-written codes to execute smart contracts. The protocol neither provides custodial services nor does it operate a centralized website.
In February, hackers involved in the Wormhole hack experimented with Tornado cash. The LooksRare core team also faced backlash after cashing out about $30 million in WETH using the protocol. More recently, Rare Bears Discord hackers funneled their stolen funds through the dApp. Also, up to $65 million of the funds stolen through the Ronin Hack have been moved through the platform.
Tornado Cash Compliance Move
Interestingly, just over a month ago, Tornado Cash announced its decision to block OFAC sanctioned wallet addresses. The announcement came after the cyber unit of the Treasury department linked the Ronin Hack to the North Korean Lazarus Group. The team stated, “Maintaining financial privacy is essential to preserving our freedom; however, it should not come at the cost of non-compliance.”
The idea was to use oracle contracts from Chainalysis to block access to the decentralized application. However, this does not seem to have any effect on the underlying smart contract. At the time of writing, the receiving wallet on Tornado cash contained just 3.4 ETH.