In a stunning turn of events, the perpetrator behind the Kyberswap exploit has initiated an act of laundering. Reports indicate that approximately 4.5 million worth of stolen assets are already being funnelled into Tornado Cash, a renowned privacy-focused platform. As the exploit continues to unfold, the convergence of illicit activity and decentralized anonymity underscores the pressing need for robust security measures and heightened vigilance across the crypto landscape.
The hacker begins moving pilfered funds through a bridge to elude tracking
Blockchain security and analytics company Peckshield notified the crypto Twitter of the latest movement of funds. They revealed that the hacker now has begun laundering money out of the $50M Kyberswap exploit. He initiated by bridging over 3k ETH ($6.8M according to current market prices) from Arbitrum to Ethereum. Later about 2k ETH ($4.5M) was transferred to a currency mixer, Tornado Cash in two different transactions of 1K ETH by addresses addressed to the exploiters.
Is the exploiter’s identity revealed?
Shortly after the Kyber exploit, keen-eyed DeFi watchers noticed that a wallet connected to the Kyber exploiter sent $2 million to a wallet associated with Andean Medjedovic, the Indexed Finance exploiter. While there is no official confirmation, in public DeFi circles it’s commonly assumed that Medjedovic exploited KyberSwap.
This assumption comes after the hacker demanded the surrender of all Kyber company assets, both on-chain and off-chain, including shares, equity and tokens. According to the exploiter, the Kyber team should meet the demands by Dec. 10. If not, the treaty falls through. The hacker also threatened that the treaty would also be void if any agents contacted them concerning the trades they placed on Kyber.
Conclusion:
Tornado Cash has become an enticing escape route for crypto hackers, providing them with an easy route to launder stolen assets. The protocol’s emphasis on privacy, achieved through its innovative mixing mechanisms, allows malevolent actors to obscure the origin and destination of funds effectively. The seamless blending of transactions within Tornado Cash’s decentralized and trustless environment makes it a preferred choice for those seeking to anonymise their ill-gotten gains.
As the exploits continue to persist and hackers exploit the advantages offered by platforms like Tornado Cash, while the users await Dec 10, it becomes increasingly necessary for the cryptocurrency platforms to collaborate on implementing robust security measures.
Source: Read Full Article