A Phisher Steals $24.2 Million of Ethereum and Transfers it to Tornado Cash
A phisher recently stole approximately $24.2 million worth of staked Ethereum (ETH) from a crypto whale and is now transferring the assets to the crypto mixing firm Tornado Cash, according to blockchain security firm Peckshield.
The stolen cryptocurrencies include Lido Staked Ether (stETH) and Rocket Pool ETH (rETH), which were liquid staking tokens, as reported by Peckshield.
#PeckShieldAlert
The phisher, who grabbed ~$24.2M worth of
$rETH &
$stETH,
has transferred 701
$ETH (~$1.15M) to
#TornadoCashThe phisher currently holds $22.7M worth of cryptos, including 13.1K
$ETH and 1.1M
$DAI
pic.twitter.com/GODpSp51wO— PeckShieldAlert (@PeckShieldAlert)
September 8, 2023
The phisher initially transferred 701 Ethereum (ETH) tokens, valued at around $1.15 million, to Tornado Cash. They also exchanged 28,000 DAI tokens for 17.3 ETH and subsequently moved 1,100 ETH ($1.78 million) to the crypto mixer.
Update: The phisher transferred 2,000
$ETH ($3.1M) to a new address 0x71C8…790e, ~600
$ETH was sent to
#TornadoCash.
pic.twitter.com/IkqASk5pvi— PeckShieldAlert (@PeckShieldAlert)
September 12, 2023
Later, the phisher transferred an additional 2,000 ETH (approximately $3.1 million) to a new wallet address and sent 600 ETH to Tornado Cash. Currently, the attacker holds a total of $22.7 million in various cryptocurrencies, including 13,100 ETH and 1.1 million DAI tokens.
Peckshield revealed that on September 7th, the attacker exchanged the stolen assets for 13,785 ETH and 1.64 million Dai (DAI). The acquired DAI has already been moved to FixedFloat, an automated cryptocurrency exchange.
Legal Challenge and Sanctions
Tornado Cash faced sanctions in August last year due to its alleged involvement in money laundering activities. The Justice Department accused the firm of enabling over $1 billion in money laundering, with a significant portion of the funds believed to have benefited North Korea’s Lazarus Group.
The Lazarus Group’s illicit actions have provided financial support to North Korea’s nuclear weapons and ballistic missile programs, according to U.S. authorities. Despite a court decision upholding the sanctions against Tornado Cash, six users challenged the ban but failed to convince the court of any constitutional violations.
Tornado Cash’s Private Ethereum Transactions
Tornado Cash offers users a platform to make their Ethereum transactions more private by combining their funds with other cryptocurrency holdings. This process effectively obscures the origin of a cryptocurrency transaction, making Tornado Cash an appealing option for cybercriminals looking to convert their ill-gotten gains.
Hot Take: Phisher Moves Stolen ETH to Tornado Cash Amidst Sanctions
A phisher recently stole around $24.2 million worth of staked Ethereum (ETH) from a crypto whale and has now transferred the assets to Tornado Cash, a crypto mixing firm. The stolen tokens include Lido Staked Ether (stETH) and Rocket Pool ETH (rETH). The phisher initially transferred 701 ETH tokens worth about $1.15 million to Tornado Cash and exchanged 28,000 DAI tokens for 17.3 ETH. They then moved 1,100 ETH ($1.78 million) to Tornado Cash. The attacker currently holds $22.7 million worth of various cryptocurrencies, including 13,100 ETH and 1.1 million DAI tokens. Tornado Cash has faced sanctions for alleged involvement in money laundering activities. Despite legal challenges, the court upheld the ban against Tornado Cash.