Blockchain analytics firm SpotOnChain reported that malicious actors have been using the sanctioned crypto mixing service Tornado Cash heavily this month to launder stolen funds.
Tornado Cash, a crypto mixing tool that conceals transaction details, remains a favored platform for cybercriminals aiming to obscure illicit funds. Despite US government sanctions imposed in 2022, its usage has surged recently.
4 Hackers Move $50 Million Through Tornado Cash
On September 8, SpotOnChain reported that four hackers moved a total of 20,561 ETH (approximately $50 million) through Tornado Cash in September. These funds are tied to significant breaches involving Penpie, WazirX, Bo Shen, and LiFi.
The hacker responsible for the Penpie attack transferred 11,261 ETH, valued at about $26.7 million. This sum represents the entire amount stolen from the decentralized finance (DeFi) platform last week.
Penpie had offered a 10% bounty — around $2.7 million — for information leading to asset recovery. However, the attacker chose to launder the full amount through Tornado Cash.
Read more: Tornado Cash: Everything You Need To Know
Similarly, the perpetrator behind the WazirX breach moved 7,600 ETH, worth $18.51 million, via the mixing service this month. WazirX experienced a $235 million hack in July, which forced the exchange to halt operations.
Experts have linked this incident to the North Korea-backed Lazarus Group. Despite laundering a portion of the stolen assets, the hacker still controls 54,155 ETH, approximately $123 million in value.
Additionally, hackers associated with Bo Shen and LiFi transferred 1,500 ETH and 200 ETH, respectively — collectively worth $4 million — into the sanctioned mixer during this period.
These events indicate that Tornado Cash continues to be a preferred tool for laundering stolen assets, even after efforts to curb its use. Although activity on the platform declined following the sanctions, recent data suggests a resurgence. Lookonchain noted that as of September 6, three hackers had deposited 17,800 ETH — equivalent to $42.7 million — into the platform over three days.
Read more: Top 7 Privacy Coins in 2024
Meanwhile, crypto attorney Josh Lawler has highlighted potential legal challenges to the sanctions against Tornado Cash. He pointed out that the Fifth Circuit Court is skeptical about classifying open-source software as an “entity” subject to sanctions.
“Tornado Cash may be outside of Treasury ability to sanction: 5th Circuit skeptical of argument that open source software is an “entity”; finally getting this on the correct path. Maybe we get a point for privacy,” Lawler stated.
This legal discourse emerges amid the US government’s criminal prosecution of Tornado Cash co-founders Roman Semenov and Roman Storm. According to the indictment, they are accused of conspiring to launder money and facilitating transactions with sanctioned entities.