KyberSwap Hacker Transfers Stolen Funds to Tornado Cash

Fresh on-chain activity has brought the Kyber Network exploit back into focus. Blockchain tracking shows the KyberSwap Hacker is once again moving funds. This time, sending large amounts of ETH into Tornado Cash. The attacker, identified as Andean Medjedovic, was behind the $48.8 million KyberSwap hack in 2023. Despite past legal action, recent transfers suggest the case is far from over.

Funds Move Again After Months of Silence

New data from Arkham shows a clear pattern. The KyberSwap hacker has started transferring funds in batches of 100 ETH. These transactions were sent directly to Tornado Cash, a tool often used to obscure transaction history. Several transfers happened within hours. 

Each one followed a similar structure. This suggests a planned effort rather than random movement. The wallet linked to the attacker still holds around $29 million in assets. This means a large portion of the stolen funds remains active. For investigators, this kind of movement is a red flag. It often signals an attempt to break the trace between stolen funds and their origin.

Who Is Behind the KyberSwap Attack

Authorities have already linked the attack to Andean Medjedovic. He is a Canadian national known for exploiting DeFi platforms. In late 2023, he drained $48.8 million from KyberSwap. Before that, he was involved in a 2021 attack on Indexed Finance. That caused $16.5 million in losses. In 2025, U.S. authorities filed charges against him. The Federal Bureau of Investigation accused him of exploiting smart contracts and attempting extortion. Despite this, reports suggest he has avoided full custody. Now, with funds moving again, the situation has become more urgent.

Why Tornado Cash Matters Here

Tornado Cash plays a key role in this story. It is a privacy tool designed to mix crypto funds. This makes it harder to track where assets come from and where they go next. While the tool has legitimate uses, it is often linked to hacks and laundering cases. In this situation, its use raises concerns about recovery chances. Once funds pass through a mixer, tracing them becomes much harder. This limits the ability of exchanges or authorities to freeze assets. That is why these recent transfers matter. They may reduce the chances of recovering the stolen funds.

A Reminder of DeFi’s Ongoing Risks

This case highlights a bigger issue in decentralized finance. Even after hacks are identified and suspects are charged, funds can still move. Protocols like Kyber Network have improved security since the attack. However, the risk of smart contract exploits remains. While tools like Tornado Cash continue to challenge enforcement efforts. They create a gap between blockchain transparency and real-world accountability. For users, the lesson is simple. DeFi offers innovation but it also carries risk. As this case shows, even years later, the impact of a single exploit can continue to unfold.

The post KyberSwap Hacker Transfers Stolen Funds to Tornado Cash appeared first on Coinfomania.