WazirX hacker funnels $11M through Tornado Cash, 20,000 ETH laundered since hack


The WazirX hacker recently laundered $11 million worth of Ether through Tornado Cash, bringing the total laundered loot to roughly 20,000 ETH.

According to data from Cyvers, the attacker responsible for the WazirX hack moved 5,001 ETH to a new wallet on September 18.

This transaction was executed at 06:53 UTC, after which the funds were directed to the cryptocurrency mixer Tornado Cash.

For those unaware, Tornado Cash is a privacy-enhancing platform that allows users to obscure the origins and destinations of cryptocurrency transactions by mixing them with others, making it difficult to trace the flow of funds on the blockchain.

While the idea of this platform is to empower financial privacy, it is often misused by criminals like the WazirX hacker to launder stolen cryptocurrencies.

In this case, the 5,000 ETH, valued at roughly $11 million, was laundered via 50 transactions of 100 ETH each, echoing previous moves in which the culprit made transfers of similar sizes to new wallets before routing them through Tornado Cash.

To date, the exploiter has laundered 20,000 ETH, with approximately 23,796 ETH remaining in the primary wallet linked to the hack. Based on current prices, the stash is worth upwards of $54 million.

WazirX’s blame game

WazirX lost over $230 million in various cryptocurrencies during the July hack, with over 15,000 Ethereum and various other cryptocurrencies stolen from its multi-signature wallet.

In total, the hacker managed to accumulate over 43,800 ETH through multiple transactions.

The attack affected 45% of the exchange’s customer funds, severely impacting its ability to maintain its collateral ratio, and leading to a complete shutdown of its services.

Meanwhile, panicked users were unable to withdraw their funds, leading to severe community backlash.

Following the breach, WazirX initially pointed to a “discrepancy between the data displayed” on the interface of Liminal, its cryptocurrency custody provider, in its post-mortem report.

Liminal quickly denied any involvement, stating that its infrastructure had not been compromised.

WazirX then conducted a forensic analysis through Mandiant Solutions, a subsidiary of Google, which found no evidence of a compromise on the three laptops used by the exchange to sign transactions, ruling out internal hardware failure.

Subsequently, Liminal commissioned an independent audit by Grant Thornton, which confirmed that the breach occurred outside of Liminal’s systems.

Liminal reiterated that its frontend and backend infrastructure remained secure, suggesting potential vulnerabilities within WazirX’s systems, while also clarifying that their multi-signature wallet model ensures all transactions originate from the client’s side.

Amid the fallout, WazirX applied to Singapore’s High Court for a moratorium, aiming to restructure its liabilities.

However, in the court filing, WazirX’s management claimed that crypto exchange Binance, with whom it has been in an ongoing ownership dispute, might have to bear responsibility for the losses faced by WazirX customers.

In response, Binance posted a clarification on Sep. 17, distancing itself from the situation and accusing WazirX’s management of misleading its users regarding the relationship between the two companies.

The post WazirX hacker funnels $11M through Tornado Cash, 20,000 ETH laundered since hack appeared first on Invezz
