The hacker responsible for the $230 million cyberattack on Indian crypto exchange WazirX has begun transferring stolen funds using Tornado Cash, a digital currency mixer sanctioned by the U.S. government.
The move, which hides the trail of stolen assets, is the latest attempt by the perpetrator to launder the ill-gotten gains.
$6.5 Million in Stolen ETH Transferred
According to cybersecurity firm PeckShield, approximately 2,600 ether (ETH), valued at around $6.5 million, was transferred to the sanctioned crypto mixer early Tuesday.
Additionally, data from Arkham reveals that nearly $4 million worth of ETH was transferred across 16 transactions on the Ethereum network to a Tornado Cash router.
The hacker’s wallet currently holds over $155 million worth of various tokens, with the majority in ETH, valued at around $150 million. Before September 3, they had not moved any of the money.
Tornado Cash is a sanctioned decentralized platform that allows users to move tokens while concealing the link between the originating and receiving wallet addresses, making it difficult to trace the flow of funds.
Although the service itself is not illegal, it has frequently been used by cybercriminals to obfuscate transactions linked to stolen or illicit cryptocurrency.
Customers Warned of Up to 43% Losses
This latest movement of funds comes just weeks after the July 18 cyber attack that targeted WazirX. The incident resulted in the loss of more than $230 million in user assets, a sum that represents over 45% of the exchange’s total reserves.
Following the breach, the Indian exchange has filed for restructuring to manage its liabilities, with a request set to be heard by the Singapore High Court on Tuesday. The court will also hear its prayer for six months of protection on the same day, a move intended to provide the exchange with breathing room as it navigates the restructuring process.
The petition was made by Zettai, a Singapore-incorporated entity whose subsidiary, Zanmai India, operates WazirX. Meanwhile, the company’s legal advisers have warned that customers are unlikely to recover the full amount of their stolen investments.
During a press conference on September 2, Nischal Shetty, co-founder of WazirX, and George Gwee, a director at restructuring firm Kroll, said that users might see a return of only 55% to 57% of their money at best. In the worst-case scenario, customers could lose up to 43% of their holdings on the platform.
However, they are reportedly in talks with a “white knight” investor to help close the deficit and increase recovered funds.
Representatives also plan to distribute remaining assets to users on a pro-rata basis while exploring new product development and profit-sharing schemes as additional income sources.
Significance of the Incident on the Broader Industry
The recent cyberattack on WazirX, resulting in a $230 million loss, highlights the persistent vulnerabilities in the crypto exchange ecosystem. The hacker’s use of Tornado Cash to launder stolen funds exemplifies the challenges in tracing and recovering assets in the decentralized finance (DeFi) space. Tornado Cash, while not illegal, is frequently exploited by cybercriminals to obscure illicit transactions, making it difficult for authorities to track stolen cryptocurrencies.
This situation underscores the need for more robust security measures within exchanges and the broader crypto infrastructure to protect user assets and prevent such significant breaches.
The impact on WazirX’s customers is severe, with the potential loss of up to 43% of their investments. The ongoing restructuring efforts and legal actions reflect the gravity of the situation and the desperate need to mitigate further financial damage.
This breach not only raises questions about the security of digital assets but also about the adequacy of regulatory frameworks to safeguard against such attacks. The situation serves as a cautionary tale for both crypto investors and exchanges, emphasizing the importance of stringent security protocols and proactive risk management strategies.
Article Source: CryptoPotato