The hacker who recently attacked WazirX, an Indian-based cryptocurrency exchange, and stole $230m has taken necessary steps to cover his track. On September 2nd, the hacker transferred more than $6.5 million worth of ETH using Tornado Cash, a popular cryptocurrency mixing platform that conceals the wallet addresses on the blockchain. This is perhaps a calculated effort to hamper tracing the stolen money.
The incident in July was due to a vulnerability that hackers took advantage of and got access to one of WazirX’s multisig wallets. The hacker made away with over $230 million in different cryptocurrencies, with over $100 million in SHIB and $52 million in ether. According to the company’s statement, the stolen assets included more than 45% of WazirX’s total reserves in June 2024. It has elicited concerns within the cryptocurrency space, given that the quantum of money lost is usually monumental, coupled with the difficulties of recovering lost funds within the decentralized finance industry.
Also Read: WazirX Faces Criticism Over Frozen Assets as Users Demand Urgent Action
Hacker Utilizes Tornado Cash to Obscure Fund Movements
The hacker needed to wash the money by initiating a transaction that would send the funds to Tornado Cash. Tornado Cash is a mixing service that serves as a wallet that anonymizes transactions through mixing, where they put the funds together and then send them out to different addresses. The hacker split the stolen ether into 26 different transactions, and the proofs became more challenging to link sequentially.
Advertisement
Analysis conducted by blockchain firm Arkham showed that the hacker addresses control over multiple cryptocurrencies, including over $155 million worth of tokens. This was the first time the hacker used Tornado Cash to transfer funds. There is speculation about further dispersal of the stolen funds through Tornado Cash. Such mixing services further make it complex to regain the funds since it becomes difficult to track and freeze the gotten-with-vice cryptocurrencies.
Conclusion
The movement of $6.5 million worth of stolen ether through Tornado Cash by the WazirX hacker underscores the ongoing challenges in securing and recovering assets in the cryptocurrency space. As the investigation continues, the use of advanced obfuscation techniques like Tornado Cash highlights the difficulties authorities and exchanges face in tracking and reclaiming stolen funds. This incident is a stark reminder of the vulnerabilities in even the most secure blockchain networks.
Also Read: WazirX Announces Partial INR Withdrawals Following $230 Million Hack