Deribit hackers move stolen Ether to Tornado Cash crypto mixer

Published at: Nov. 7, 2022

In the aftermath of the $28 million Deribit hack, the unknown exploiter is moving stolen funds using the decentralized cryptocurrency mixer, Tornado Cash.

The Deribit hot wallet hacker has transferred a total of 1,610 Ether (ETH), or around $2.5 million, to Tornado Cash, according to data from the Ethereum block explorer Etherscan.

The funds were transferred in 17 transactions, with the first outgoing transaction occurring on Nov. 5 —just a few days after Deribit suffered the hack.

The amount of funds moved to Tornado Cash is just a fraction of all stolen ETH on the hacker’s address, as its balance amounts to 7,501 ETH ($11.8 million) at the time of writing. The hacker initially sent 9,080 ETH to the address on Nov. 2.

The blockchain analytics platform PeckShield initially reported on the outgoing Tornado Cash transactions on Nov. 5. At the time, the amount of funds leaving the hacker’s ETH wallet was just about $350,000.

Deribit officially announced that its platform suffered a hot wallet hack on Nov. 2, losing a total of $28 million in several cryptocurrencies, including Bitcoin (BTC), ETH and USD Coin (USDC). The exchange had to halt all withdrawals in order to ensure proper security in the aftermath of the hack, promising to cover all the losses.

The platform subsequently resumed regular withdrawals for BTC, ETH and USDC on Nov. 2, migrating all hot wallets to the digital asset security platform Fireblocks. Deribit stressed that users should not send funds to their previous BTC, ETH and USDC addresses and use new Fireblocks deposit addresses instead.

Related: Fireblocks records $100M+ revenue in subscriptions amid bear market

The news comes amid the ongoing uncertainty over Tornado Cash and other cryptocurrency mixers after authorities in the United States restricted the mixer. The Office of Foreign Assets Control of the U.S. Department of the Treasury blacklisted Tornado Cash in August 2022, making it illegal for citizens, residents and companies to receive or send money through the service.

In October, the crypto advocacy group Coin Center filed a complaint against OFAC, Treasury Secretary Janet Yellen and OFAC Director Andrea Gacki, alleging that sanctioning Tornado Cash was “unprecedented and unlawful.”

Tags

Blockchain

Ethereum

Hackers

Derivatives

Transactions

Cybercrime

Crimes

Security

Related Posts

Are crypto and blockchain safe for kids, or should greater measures be put in place?

Crypto is going mainstream, and the world’s younger generation, in particular, is taking note. Cryptocurrency exchange Crypto.com recently predicted that crypto users worldwide could reach 1 billion by the end of 2022. Further findings show that Millennials — those between the ages of 26 and 41 — are turning to digital asset investment to build wealth. For example, a study conducted in 2021 by personal loan company Stilt found that, according to its user data, more than 94% of people who own crypto were between 18 and 40. Keeping children safe While the increased interest in cryptocurrency is notable, some …

Adoption / Feb. 26, 2022

US Blockchain Investor Terpin Awarded Over $75 Million in SIM Swapping Case

United States blockchain and crypto investor Michael Terpin has won $75.8 million in a civil case against 21-year-old Nicholas Truglia, who reportedly defrauded him of crypto assets. Reuters reported the news on May 10. Per the report, the California Superior Court last week ordered Manhattan resident Truglia to pay the amount above in compensatory and punitive damages. The amount is reportedly one of the largest court judgments awarded to an individual in the crypto space thus far, Reuters notes. As previously reported, Terpin filed the complaint against Truglia in particular in late December, after first filing a lawsuit against AT&T …

Blockchain / May 11, 2019

FBI issues alert over cybercriminal exploits targeting DeFi

The U.S Federal Bureau of Investigation (FBI) has issued a fresh warning for investors in decentralized finance (DeFi) platforms, which have been targeted with $1.6 billion in exploits in 2022. In an Aug. 29 public service announcement on the FBI's Internet Crime Complaint Center, the agency said the exploits have caused investors to lose money — advising investors to conduct diligent research about Defi platforms before using them, while also urging platforms to improve monitoring and conduct m rigorous code testing. The law enforcement agency warned that cybercriminals are out in force to take advantage of "investors' increased interest in …

Blockchain / Aug. 30, 2022

DeFi exploits and access control hacks cost crypto investors billions in 2022: Report

Cyber criminals used a variety of novel ways to carry out hacks and exploits in 2022, with over $2.8 billion of cryptocurrency stolen last year. According to a report from CoinGecko using data sourced from DeFiYield’s REKT Database, nearly half of the total crypto stolen in 2022 was fleeced using diverse methods. This includes bypassing verification processes, market manipulation, ‘crowd looting’ as well as smart contract and bridge exploits. The biggest hack of 2022 was carried out through an access control hack. Sky Mavis, the developer behind popular game Axie Infinity, saw its Ronin bridge hacked in March 2022, leading …

Blockchain / Feb. 13, 2023

Fake Ethereum Denver website linked to notorious phishing wallet

A fake website of the popular Ethereum Denver conference is the latest phishing target of a red-flagged smart contract that has stolen over $300,000 worth of Ether (ETH). The popular conference saw its website duplicated by hackers this week in order to trick users into connecting their MetaMask wallets. According to Blockfence, which identified the fraudulent website, the smart contract has accessed more than 2800 wallets and has stolen over $300,000 over the past six months. Another day, another scam. This time the scammer targeted the @EthereumDenver website. Blockfence is here to protect you and fight scammers together: The scam …

Ethereum / Feb. 20, 2023