In a significant development in the world of cryptocurrency security, a hacker responsible for the theft of $125 million from Poloniex’s hot wallets in November has recently moved a portion of the stolen funds. Blockchain data reveals that the hacker sent 1,100 ether (ETH), valued at approximately $3.3 million, to the controversial and sanctioned coin mixer Tornado Cash.
The funds were transferred in 100 ETH batches on Tuesday, following a dormancy of 178 days. The move is notable activity since the theft and draws attention because of the use of Tornado Cash, a mixer known for its ability to obscure the origins of crypto tokens. Tornado Cash has been under scrutiny and was sanctioned by the U.S. Treasury Department in 2022 after its association with the North Korean hacking group Lazarus, which used the service to launder proceeds from the $625 million Axie Infinity exploit.
Further complicating the security landscape, the Poloniex hacker also transferred 501 bitcoin (BTC), worth about $32 million, to an unlabelled wallet on April 30. Despite these significant movements, the hacker still controls an estimated $181 million in crypto assets spread across various blockchains, according to data from blockchain analytics firm Arkham.
The use of services like Tornado Cash highlights the ongoing challenges and complexities in tracking and securing digital assets. Sanctioned due to its role in facilitating money laundering activities, Tornado Cash remains a tool of choice for cybercriminals looking to hide their tracks.
Blockchain security firm Elliptic noted that Lazarus Group had previously used Tornado Cash to launder $12 million stolen in the Heco Bridge hack, which occurred shortly after the Poloniex incident. This pattern underscores the persistent threats in the crypto ecosystem, particularly those related to decentralized mixing services, which complicate the efforts of law enforcement and security agencies to trace illicit activity.
As the crypto community and regulators continue to grapple with the security implications of decentralized finance (DeFi) and privacy-enhancing technologies, the Poloniex hack serves as a stark reminder of the vulnerabilities and risks associated with storing large amounts of cryptocurrencies in hot wallets.