Key Takeaways
- The movement of funds began with the transfer of 1,314 Ether to a new wallet address starting with 0x8F5e4.
- Hacker conducted 10 transactions of 100 ETH each from the final wallet, directing the funds to Tornado Cash
A hacker responsible for the $25 million exploit of quantitative trading firm Kronos Research in November 2023 has begun moving the stolen funds, nearly six months after the initial breach.
The fund transfer was brought into limelight by crypto analytic firm PeckShield via X(formerly Twitter).’The labeled address has transferred 200 $ETH to Tornadocash and approximately 1,314 $ETH (worth around $4 million) to a new address 0x164A…D5c4, and started laundering them via Tornadocash’, the tweet reads
The movement of funds began with the transfer of 1,314 Ether, valued at $4 million, to a new wallet address starting with 0x8F5e4. Subsequently, all ETH was transferred to another address starting with 0x164A24b.
Following this transfer, the hacker conducted 10 transactions of 100 ETH each from the final wallet, directing the funds to crypto mixing tool-Tornado Cash
Tornado Cash was sanctioned by the U.S. Treasury Department in 2022 after it was used by the infamous North Korean hacking group Lazarus, which attempted to hide funds secured from the $625 million Axie Infinity hack.
In November 2023, Kronos Research disclosed that an unauthorized entity gained access to some of its API keys. Initially, no losses were reported, but further probe revealed that $25 million in total had been transferred to six distinct crypto wallet addresses. Kronos Capital halted its trading services to investigate the loss.
Private key exploits were one amongst the most prevalent techniques used for hacking cryptocurrency. More than $700 million in digital assets was lost to various security incidents in Q3 2023, surpassing first-quarter losses of $320 million and second-quarter losses of $313 million.
Crypto mixing services have long been exploited by hackers because of its potential to obfuscate the origins and owners of the funds. The latest development also comes amid reports that another hacker who stole $125 million from Poloniex’s hot wallets in November 2023 had sent 1,100 ether to sanctioned Tornado Cash.
