A wallet address associated with the HECO Chain exploiter has successfully transferred and anonymized approximately 40,392 ETH using the crypto-mixing protocol Tornado Cash within just eight days.
According to findings by crypto investigator PeckShield, the HECO Chain exploiter orchestrated 19 outbound transfers to various Tornado Cash addresses, aiming to render nearly $145.7 million worth of stolen Ether untraceable.
#PeckShieldAlert As of today (22 Mar. 2024, UTC), #HECOBridge exploiters – labeled addresses – have transferred ~$40,391.8 $ETH (equivalent to ~$145.7m) to #TornadoCash within the last 8 days pic.twitter.com/ZfrDvbRQCm
— PeckShieldAlert (@PeckShieldAlert) March 22, 2024
The bulk of the funds were funneled into a single Tornado Cash address, with one smaller transaction of 0.2 ETH, valued at $699, directed to a different address within Tornado Cash.
The most substantial transfer involved the movement of 11,300 ETH, equivalent to around $39.5 million, in a single transaction. It’s a common tactic among crypto hackers to leverage Tornado Cash for anonymizing ownership of their illicitly obtained funds.
Interestingly, on March 21, an account related to a $24 million hack on Rocket Pool in September 2023 also utilized Tornado Cash, aiming for the same purpose.
According to insights from crypto analytics firm Elliptic, hackers affiliated with North Korea’s Lazarus Group resumed using Tornado Cash for money laundering activities on March 13.
It’s worth noting that Tornado Cash had previously come under scrutiny, with the United States Treasury Department sanctioning the protocol in August 2022 for its alleged involvement in facilitating the laundering of over $1 billion in illicit funds, including funds associated with the Lazarus Group.