Poloniex Hacker Transfers Several 1100 ETH to Tornado Cash

As an experienced analyst, I strongly believe that the Poloniex hacker’s recent transfer of Ethereum units to Tornado Cash is a clear indication of money laundering activities. The use of Tornado Cash by hackers, especially those believed to be state-sponsored like the Lazarus Group, raises serious concerns regarding the security and legitimacy of this crypto mixer.


A notorious cybercriminal, suspected to be backed by North Korea, transferred 1100 Ethereum (ETH) units, equivalent to approximately $306,000, to the cryptocurrency mixer Tornado Cash over the past 24 hours. The Poloniex hacker reportedly sent 11 separate transactions, each containing 100 ETH units, according to data from Arkham Intelligence’s on-chain analysis.

Around 501 Bitcoins, valued at approximately $31.9 million, were moved to an unidentified wallet by the Poloniex hacker earlier this month. Prior to this, Justin Sun, the founder of Tron network, had made several attempts to reveal the hacker’s identity by sending TRX tokens, but was unable to do so.

As a crypto investor, I’ve noticed that Poloniex exchange tried to entice the hacker with a 5% bounty reward for returning the stolen funds. However, the attacker has given no indication of wanting to engage in such negotiations. At present, the Poloniex hacker is in possession of approximately 25,500 ETH, 305 million TRX, 501 Bitcoins, 364 Bitcoin Cash, 27 billion FLOKI tokens, 2.3 million TUSD stablecoins, and 642 WETH Ethereum tokens, among other assets.

Today, the Poloniex hacker, identified by the Ethereum address 0x3E…fDFd, moved 100 ETH (roughly equivalent to $308,000) to Tornado Cash for the first time. The value of their crypto holdings currently stands at approximately $182 million. This transaction marks their initial use of Tornado Cash for money laundering activities linked to the Poloniex hack.
— Wu Blockchain (@WuBlockchain) May 7, 2024

Poloniex Hacker and Tornado Cash

According to Coinspeaker’s report, the US authorities have taken enforcement steps against the developers and founders of Tornado Cash. The United States Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Tornado Cash, which subsequently resulted in the arrest of its co-founder, Roman Storm.

The US Treasury Department has reported that the notorious Lazarus Group has employed Tornado Cash multiple times to conceal over $500 million in transactions. Additionally, there is evidence suggesting that Lazarus Group was responsible for the cyber assault on Axie Infinity’s Ronin network bridge during the early months of 2022.

Rampant Crypto Attacks

The world of cryptocurrencies has unfortunately become an alluring prey for cybercriminals, primarily due to its weak security infrastructure. Advanced hackers have predominantly focused their efforts on exploiting blockchain bridges by deceitfully manipulating web3 smart contracts. Nevertheless, insidious activities from within the industry are reportedly the most significant risk for crypto-related attacks. Furthermore, malicious actors can even apply for engineering positions in web3 development and surreptitiously insert backdoors, enabling future manipulation.

As a crypto investor, I’ve come to realize that the use of crypto mixers poses a significant challenge when it comes to tackling Web3 hackers. These mixers, which allow users to obscure the origin and destination of their transactions, create anonymity that can be exploited by malicious actors. However, some forward-thinking crypto companies, such as Coinbase Global Inc (NASDAQ: COIN), have taken a stance in favor of financial privacy. They argue that everyone deserves the right to confidentiality when it comes to their financial transactions, and this principle should apply to the crypto space as well. By advocating for privacy, these companies aim to create a more secure and inclusive ecosystem for all users.

As a security analyst, I’ve come across previous reports from Elliptic, a blockchain security firm, indicating that the Lazarus Group employed Tornado Cash for laundering the proceeds of the Heco Bridge attack. Now, according to PerkShield’s latest findings, funds stolen from Kronos Research last year have been transferred to Tornado Cash today.

#PeckShieldAlert #KronosHack: The identified address has moved 200 ETH to Tornado.cash and approximately 1,314 ETH (valued at around $4 million) to a fresh address 0x164A…D5c4. Subsequently, it initiated money laundering using Tornado.cash. #KronosResearch was breached in mid-November.
— PeckShieldAlert (@PeckShieldAlert) May 7, 2024

Market Impact

Web3 projects face numerous cyberattacks, with a notable number believed to be backed by North Korea’s regime. These assaults have posed significant challenges to the widespread acceptance of digital assets, as substantial funds are frequently stolen from the crypto industry. Consequently, developers working on Web3 technologies must prioritize robust security features in their smart contracts, particularly those involving multiple blockchains.

Despite the recent approval of spot Bitcoin and Ethereum ETFs, a significant shift in mitigating cryptocurrency attacks, this development offers investors an opportunity to trade shares of the underlying crypto assets with increased liquidity and decreased security risks.

Read More

Sorry. No data so far.

2024-05-07 12:10