The notorious Poloniex hacker responsible for last year’s security breach on the cryptocurrency exchange is on the move again. The thief transferred 1,100 Ethereum (ETH), valued at $3.4 million, to the sanctioned crypto mixer Tornado Cash on May 7 in an effort to launder the stolen funds.
Poloniex Hacker Transfers 11 Batches of 100 Ether in Two Hours
The movement of the funds was revealed through an on-chain data analysis from security firm PeckShield.
#PeckShieldAlert #Poloniex hacker- labeled address 0x3e94…3fdfd has transferred 1.11k $ETH (worth ~$3.4m) to #Tornadocash pic. .com/JIDG0pYfUH
— PeckShieldAlert (@PeckShieldAlert) May 7, 2024
Etherscan data disclosed that the ETH tokens, valued at approximately $3.4 million, were transferred to crypto mixer Tornado Cash in 11 batches of 100 ETH each. WuBlockchain also reported on this development, revealing that the hacker utilized Tornado Cash for the first time to launder the stolen funds.
Tornado Cash is a privacy tool that breaks the link between a user’s crypto deposit and wallet address through a process known as “crypto mixing.” It pools and anonymizes transactions, allowing users to withdraw funds to a new wallet and protecting their financial privacy. The service is illegal in the US and has been flagged by the Treasury following its association with the North Korean Lazarus Group, where it was used to conceal funds stolen from the $625 million Axie Infinity exploit. The mixer’s founders are also facing money laundering charges in the US.
Tornado Cash was Blacklisted by the US Treasury.
Apparently, Tornado Cash played a key role in the $625 million hack of Axie Infinity's Ronin Network by the Lazarus Group, a North Korean hacking group. – US Treasury
This is a developing story.
Source: https://t.co/DVFAHsmdQP pic. .com/dAunQVV2LH
— CryptoBusy (@CryptoBusy) August 8, 2022
In a related development, another address associated with the Poloniex hacker transferred 501 BTC, worth roughly $32 million, to three new wallet addresses.
According to Arkham data, the Poloniex hacker now holds a total of $181.7M worth of crypto assets across several blockchains. Some of the tokens include ETH, TRX, BTC, and FLOKI.
It could be recalled that the Poloniex exchange suffered a breach on November 10, which resulted in a loss of over $33M. Blockchain analyst Tom Wan disclosed that the hacker stole several assets, including ETH and LINK tokens worth $10M and $2.4M, respectively.
A @DuneAnalytics query ready for you to track how much the Potential hacker got from Poloniex
Currently estimated loss at ~$34M, including:
– $10M ETH
– $2.56M GLM
– $2.4M LINKand more https://t.co/judOiLzv4q pic. .com/gcB4eofdwB
— Tom Wan (@tomwanhh) November 10, 2023
Meanwhile, Poloniex’s efforts to recover the stolen funds have been unsuccessful, as the hacker’s recent crypto transfer raises concerns about their attempts to liquidate the funds and hide their tracks.
FBI Cautions Public Over the Use of Illegal Crypto Hubs
On April 25, the Federal Bureau of Investigation (FBI) warned Americans against using cryptocurrency money-transmitting services not registered as Money Services Businesses (MSBs).
The law enforcement body cautioned that the mere availability of an app in an application store does not mean it is legal or in compliance with federal requirements. The FBI further disclosed that it had conducted law enforcement actions against cryptocurrency services operating without proper licensing.
This alert from the federal agency has sparked varied reactions within the cryptocurrency community.
While some perceive the agency’s actions as a protective measure for residents, others criticized the move as an effort of the US government to limit financial freedom and target privacy-enhancing solutions like Tornado Cash.