Back to the list

Curve Finance Breach: Exploiter Launders $4.6 Million via Tornado Cash

source-logo  coinedition.com 10 July 2024 13:28, UTC

In July 2023, Curve Finance, a leading DeFi protocol, suffered a major security breach. The attacker transferred roughly 1,500 ETH (worth about $4.6 million) to a new address, 0xc772…7475, according to PeckShieldAlert data.

The funds were then laundered through TornadoCash, a privacy-focused service, raising concerns within the crypto community.

#PeckShieldAlert The #CRV/ETH exploiter-related address 0xc772…7475 has started laundering $ETH via #TornadoCash. pic.twitter.com/3lTY7VrxCl

— PeckShieldAlert (@PeckShieldAlert) July 10, 2024

In addition to the substantial ETH transfer, a whale liquidation occurred, with address 0x929d…2af1 liquidated for approximately 456 WETH (valued at around $1.34 million). These events underscore the ongoing challenges and risks in the DeFi space, emphasizing the need for robust security measures and monitoring systems.

The exploiter-related address 0xc772…7475 continues to launder funds through TornadoCash. Over 1,500 ETH, equivalent to roughly $4.6 million, has already been laundered.

The use of TornadoCash to obscure transaction details complicates the tracking and recovery of stolen assets. This laundering activity has sparked calls for increased scrutiny and regulation of privacy-focused services within the crypto industry.

The Curve Finance breach also exposes potential vulnerabilities in DeFi protocols. In response, @Cyvers_ has promoted its address reputation product, designed to help users detect the source of malicious funds and enhance security. Interested parties can book a demo to learn more.

The incident underscores the importance of vigilance among crypto users. As Cyvers Alerts noted, an address poisoning transaction occurred, where a victim mistakenly sent 56.6K USDC to a malicious address.

🚨ALERT🚨Our system has detected a address poisoning transaction at https://t.co/WQbBWg96Pf

Victim has mistakenly sent 56.6K $USDC to poisoner !
Attacker: https://t.co/xFYla0kMXQ
Victim: https://t.co/y0wshgjCmS

Stolen funds have been swapped to $DAI and deposited to #Railgun at… https://t.co/NFt89GfJTI pic.twitter.com/joglufldYk

— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) July 8, 2024

The attacker quickly swapped the stolen funds to DAI and deposited them into Railgun, further hindering recovery efforts. This incident serves as a stark reminder for users to double-check transaction details and verify the legitimacy of addresses.

Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.