The entity behind the $230 million hack on the Indian crypto exchange WazirX in July appeared to move another batch of 5,000 ether ($12 million) to an intermediary address on Thursday morning before subsequently laundering the funds in 100 ether ($243,000) chunks via Tornado Cash.

According to the onchain analytics platform Arkham, the attacker first began moving the hacked funds on Sept. 2, transferring 2,500 ether (around $6.3 million at the time) directly to the U.S.-sanctioned crypto mixer in 100 ether tranches. Sending funds to a mixer is a common tactic cybercriminals use to make it harder for law enforcement to track and recover stolen crypto.

In a slight change of tack on Sept. 5, the hacker began transferring further batches of 5,000 ether to intermediary addresses before subsequently moving those funds in 100 ether chunks to Tornado Cash.

Thursday’s movement of funds marks the eighth 5,000 ether transfer made so far and the third this week, with a total of more than 42,500 ether ($100 million) now transferred by the hacker to Tornado Cash.

The entity still has another 18,800 ether, currently worth around $45.8 million, left to transfer, per Arkham, in addition to roughly $5.7 million in various other cryptocurrencies.

Ethereum's native asset is currently trading for around $2,420, according to The Block’s Ether Price Page — down nearly 30% from approximately $3,420 on the day of the WazirX hack.

WazirX’s ongoing hack fallout

WazirX suffered an exploit resulting in the unauthorized transfer of over $230 million worth of crypto assets on July 18. The exploit targeted the exchange’s multisig wallet on the Ethereum network, potentially resulting from a private key compromise, and drained the funds.

The crypto exchange paused withdrawals the same day but only halted trading across its platform a few days later as it continued dealing with the exploit's fallout.

Blockchain analytics firm Elliptic said in a July report that onchain data indicated the attack was perpetrated by the North Korean Lazarus Group, a notorious state-sponsored hacking organization known for executing high-profile exploits, including a $600 million hack on the Ronin sidechain in 2022.

In August, Zettai, the Singapore holding company behind WazirX, filed an application with the country's High Court for a moratorium to restructure its liabilities following the exploit. Zettai estimated it needed at least four to six months to consider the terms of a restructuring plan and work with the relevant stakeholders, claiming it was the “fastest route to allowing the reopening of cryptocurrency withdrawals.”

On Tuesday, Binance reiterated its claim that it does not own, control or operate WazirX in any way. While a contract was signed at one point between the parties, the transaction was never closed due to “Zettai’s failure to perform its obligations,” the crypto exchange giant said.

Binance accused Nischal Shetty, a director of WazirX's parent company, of making “misleading statements” to the contrary in two subsequently submitted affidavits in support of its application to the High Court.

© 2024 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.