The hackers who stole over $230 million from the Indian cryptocurrency exchange WazirX have started moving the stolen funds through Tornado Cash, beginning early Tuesday، an action initiating a process that allows them to obscure the trail of the stolen money.
Tornado Cash enables cryptocurrency users to exchange digital assets while concealing wallet addresses across multiple blockchains. While the service itself is not inherently harmful, it is often exploited by criminals to launder money and cover up illicit activities.
Data from Arkham reveals that the attackers have transferred nearly $4 million in Ethereum across 16 transactions to a Tornado Cash address. This address, which holds over $155 million in cryptocurrency—primarily $150 million in Ethereum—had not been used previously for transactions with Tornado Cash.
It is worth noting that the breach dates back to July when WazirX was compromised, resulting in the theft of over $100 million in Shiba Inu tokens and $52 million in Ethereum. In fact, the stolen assets represent over 45% of the exchange’s total reserves as reported in June 2024. Consequently, WazirX has sought restructuring to cover these losses.
As previously noted, there is suspicion that the Lazarus Group, a North Korean cyber unit, is behind the attack.
The group is estimated to have laundered over $1 billion in stolen funds through Tornado Cash before the imposition of OFAC sanctions in 2022.
