Hacker Who Stole $282 million Last Week, Launders $63M Via Tornado Cash: CertiK

• CertiK has just identified $63 million in stolen funds flowing through the Tornado Cash mixer following last week’s $282 million wallet compromise.
• The attacker used “textbook” laundering tactics, bridging Bitcoin to Ethereum and splitting the funds into small chunks to avoid being caught.
• This massive theft started with a social engineering attack where the victim mistakenly shared their seed phrase with a fake support staff.

Last week on 10 January, a massive hack drained $282 million from a single crypto wallet. 

Although the funds initially seemed lost forever, CertiK’s latest forensic data now shows where a portion of the money sits.

Their systems flagged a surge in laundering activity on Tornado Cash this week and directly tied it to the stolen assets.

Tracking the Tornado Cash Laundering Path

According to CertiK analysts, roughly $63 million has already moved through the privacy mixer. This amount is only a fraction of the total loss, but it shows that the theft was an organized effort, and the hacker(s) are attempting to erase the digital paper trail. 

CertiK researchers mapped out where the money could be right now, and their findings show that the attacker started with Bitcoin but quickly moved to the Ethereum network. 

Data shows that 686 BTC moved across a cross-chain bridge, and this resulted in approximately 19,600 ETH arriving at a single address.

Once the funds reached Ethereum, the hacker started to launder the funds via Tornado cash. CertiK also noted that the thief isn’t laundering the money at the same time.

Instead, they split the Ether into multiple smaller wallets with each of them holding about 400 ETH. 

A Textbook Playbook 

Experts have called these moves a “textbook” crypto theft because of the generic nature.

The hacker used platforms like THORswap to jump between chains. Historically, hackers do this to hide the paper trail, and their decisions to move the ETH in 400-coin chunks show that they are deliberately attempting to launder the money.

Once assets enter a mixer like Tornado Cash, the visible link between the sender and receiver breaks and security teams are warning that recovery chances will drop to near zero after this step. 

The Human Error Behind the Hack

While the laundering seems carefully thought out, the original theft was much simpler in comparison.

The January 10 incident happened via a social engineering attack where the attacker pretended to be a wallet support staff member and used this to gain the victim’s trust.

The attacker convinced the user to reveal their seed phrase, and once the victim did, the hacker took full control of 1,459 BTC and over 2 million Litecoin. 

Normally, traders who have been victims tend to hope that blockchain records will help them get their money back. 

However, in this case, the funds are slowly moving through Tornado Cash, making recovery increasingly unlikely with every passing second.

By the time the funds leave the mixer, they appear as “clean” coins with no history.

Law enforcement agencies can sometimes flag addresses that interact with mixers. However, these protocols are decentralised, and the process can be very difficult.

The post Hacker Who Stole $282 million Last Week, Launders $63M Via Tornado Cash: CertiK appeared first on Live Bitcoin News.