Back to the list

Hacker Robs Tornado Cash, Launders Loot Through the Same Service

source-logo  cryptonews.com 30 May 2023 12:54, UTC

The hacker who hijacked currency mixer Tornado Cash has returned control of the protocol to the team.

Ironically, the criminal used the same service to launder funds stolen in the attack.

Tornado Cash has been an escape route for cybercriminals and North Korean hackers who launder proceeds of attacks on crypto protocols using the service.

The OFAC-sanctioned cryptocurrency mixing service has now fallen under the same act it aided for years.

In the recent attack, a hacker stole 483,000 of Tornado Cash’s native token TORN and swapped a sizable amount of the loot for ETH on the protocol.

How The Hacker Hijacked Tornado Cash, Stole Tokens, and Laundered Stolen Funds

On May 21, a hacker exploited a vulnerability in Tornado Cash governance which should be under the community's control.

The incident report shows that the Tornado's hijacker took control of the crypto mixer while looting 483,000 TORN coins.

A blockchain researcher Samczsun revealed the hacker shared a malicious governance proposal to be voted on.

That helped him gain control of the protocol and successfully withdrew all locked votes, draining all the tokens in the governance contract.

According to Nansen, the hacker converted the stolen tokens to Ether before laundering 472 ETH worth around $900,000 through Tornado Cash.

But, strangely, the criminals relinquished power after contacting the Tornado Cash community.

The incident affected TORN token's price, which sank to $4 from over $7, according to CoinGecko data.

However, the token soon regained momentum and is on its way to recovery, although still trading bearish at a little over $4.

Tornado Cash Notorious For Aiding Illegal Transactions And Money Laundering

Tornado Cash's ability to offer privacy, nearly untraceable anonymous crypto transactions makes it the best choice for money launderers.

As such, it became infamous as the go-to platform for cyber-criminals and hackers looking to launder their illegal funds.

That has brought backlashes on the protocol as several criminals, including North Korean hackers, exploit its privacy offerings to move their loot.

According to Dune Analytics data, criminals have laundered over $8 billion through Tornado Cash since 2019.

That shows the number of unlawful transactions the platform has aided over the years.

In August 2022, the Office of Foreign Assets Control (OFAC) of the US Treasury Department sanctioned Tornado for violating anti-money laundering laws and aiding illegal transactions.

The US Treasury said Tornado Cash helped North Korean hackers, the Lazarus Group, process over $455 million in stolen funds from heist attacks.

The OFAC also alleged that criminals laundered over $7 billion in digital assets with Tornado Cash since its creation in 2019.

Despite the public sentiment and the US Treasury sanction on Tornado, the protocol remains a money-washing route for criminals.