Stolen funds from the exploit on the Indian crypto exchange WazirX are being swapped for Ether. Experts believe this is a bid to prevent authorities from blacklisting the assets.
According to the analytics platform Spot On Chain, the attacker has considered ETH over other ERC-20 tokens as it cannot be blacklisted.
Ether has its merits
The ERC-20 token standard allows developers to implement a mapping function in the smart contract to maintain a list of blacklisted addresses. As such, they can modify the transfer functions to check against this list before processing transactions.
Contrarily, ETH does not allow address permissions to be modified, maintaining its core decentralised and trustless nature.
Blockchain security firm PeckSheild concurred, stating:
Swapping to Ether quickly can help the hacker secure their funds before any preventative measures are taken by authorities or the issuers of centralized tokens.
One notable instance of this feature being leveraged is the $25 million theft from the dForce decentralized finance (DeFi) protocol in April 2020. After the attack, multiple crypto exchanges acted quickly to blacklist the hacker’s address.
This made it difficult for the attacker to use the stolen tokens, ultimately leading to the hacker’s return of some of the stolen funds.
Tether’s USDT has also leveraged this function and blacklisted several illicit transactions over the years.
Meanwhile, Beosin, another firm focusing on web3 security, added that ETH is easier to launder via cryptocurrency mixers and exchanges due its stability compared to other tokens.
At the time of publication, the attacker had swapped $10.2 million in Polygon, $7.5 million in Pepe (PEPE), and approximately $90.2 million worth of Shiba Inu. In total, $201 million worth of stolen assets have been converted to ether.
The attacker still has $12 million worth of Chromia (CHR), Celer Network (CELR), Frontier (FRONT) and Ooki (OOKI) tokens left to be swapped.
Aftermath of the attack
On July 18, WazirX security firm Cyvers detected several suspicious transactions from the exchange’s multisig wallet to a new address. This was later confirmed to be an attack that siphoned off $234.9 million worth of various assets.
On-chain seluth ZachXBT speculated the involvement of the infamous North Korea backed Lazarus group. The investigator observed similarities between previous exploits orchestrated by the group.
The hack also sparked a downward rally for SHIB, with token dropping more than 9% following the news. Meanwhile, WRX, the native token for the crypto exchange was hit by a 13% in the hours following the attack.
The post WazirX hacker converts $201 Million to ETH in a bid to avoid blacklisting appeared first on Invezz