The hacker who exploited the Deribit exchange’s hot wallet has started moving the stolen funds using the sanctioned cryptocurrency mixer Tornado Cash.
According to data from Etherscan, the attacker has sent a total of 1,610 ETH since the exploit amounting to a sum of $2.54 million per the current price of Ethereum pegged at $1,577.84, according to data from CoinMarketCap.
Blockchain security outfit PeckShield was the first to spot the transfers being done as of Saturday, with a total of $350,000 moved at the time. According to the Etherscan data, the balance on the hacker’s address is pegged at 7,501.37 ETH, with substantially more funds to launder.
Attempts to trace the funds have now been complicated by the involvement of Tornado Cash. The crypto mixing protocol receives funds, splits them into several units, and cryptographically sends them to unrelated addresses in a manner where the source of the funds can be obfuscated.
The role Tornado Cash plays in the laundering of stolen funds such as this accounts for why the United States Treasury Department’s Office of Foreign Assets Control (OFAC) has banned the protocol. The regulator alleged that about $7 billion have been processed through the protocol thus far with a significant sum linked to the cybercrime syndicate Lazarus Group from North Korea.
Despite the protests from the crypto industry, the ban on Tornado Cash has been upheld, however, it has not stopped the Deribit exploiter from taking advantage of the shield it provides.
Since Blockchain.News reported the exchange’s $28 million exploit earlier this month, the protocol has taken several initiatives beyond the halting of transactions. The exchange said it has routed its transactions to Foreblocks for its robust security services, advising its users to open new Bitcoin (BTC) and supported altcoin addresses on Fireblocks to continually access its products and services.
Image source: Shutterstock