Poloniex Hacker Attempts to Launder Stolen Funds Through Tornado Cash Mixer, Tracing Back to Lazarus Group
Last year’s Poloniex hack has taken a new turn as the hacker behind it attempts to launder stolen funds. According to on-chain data from security firm PeckShield, approximately 1,100 ETH, valued at around $3.4 million, has been transferred to the U.S.-sanctioned cryptocurrency mixer Tornado Cash.
Poloniex suffered a significant loss of $100 million when one of its hot wallets was compromised in November last year. Cybercriminals often use mixing services like Tornado Cash to conceal the origins of stolen cryptocurrency.
The attack is widely attributed to the North Korean Lazarus Group, a notorious state-sponsored hacking organization known for previous high-profile attacks, including a $600 million hack on the Ronin sidechain.
In an attempt to recover the stolen funds, Poloniex previously offered the attacker a 5% bounty, totaling approximately $5 million, in exchange for returning the remaining 95%.
Established in 2014 as a centralized exchange, Poloniex was acquired by Tron founder Justin Sun in 2019.
In a separate incident involving Tornado Cash, an attacker associated with a $26 million hack on Kronos Research transferred 200 ETH to the mixer today, as noted by PeckShield.
FAQ
What is Tornado Cash?
Tornado Cash is a cryptocurrency mixing service built on top of the Ethereum blockchain. It allows users to enhance the privacy of their transactions by obscuring the link between the source and destination of their funds.
How does Tornado Cash work?
Tornado Cash utilizes a process called “mixing” where users deposit their funds into a shared pool. The service then distributes equivalent amounts to different addresses, making it difficult to trace the origin of the withdrawn funds.
Is Tornado Cash legal?
The legality of Tornado Cash depends on your jurisdiction and how you use the service. While the technology itself isn’t illegal, mixing services can be used for illicit activities. In some regions, using Tornado Cash might be restricted.
It’s worth noting that Kronos Research was also targeted in the November attack last year, although it remains unclear whether the two incidents are directly related.