Suspected Hackers Move Stolen Funds to Sanctioned Crypto Mixer

blockchain.news:

Blockchain security firms PeckShield and Beosin have reported that suspected hackers who exploited Lendhub, a decentralized finance lending protocol, have moved more than half of their ill-gotten gains to Tornado Cash, a crypto mixer service. According to Beosin, around 2,415 Ether (ETH), worth about $3.85 million, was sent to Tornado Cash from a wallet connected to the Jan. 12 exploit. Beosin also reported that a total of 3,515.4 ETH, currently worth over $5.7 million, has been sent to Tornado Cash by the exploiter since Jan. 13.

Tornado Cash is a crypto mixing service that attempts to anonymize Ethereum transactions by combining vast amounts of Ether prior to depositing sums to other addresses. However, the service was sanctioned on Aug. 8 by the United States Office of Foreign Assets Control (OFAC) for its alleged role in the laundering of crime proceeds. Despite the sanctions and the website for the service being taken down, Tornado Cash is still able to run and be used, as it’s a smart contract housed on a decentralized blockchain.

A January report by blockchain analytics firm Chainalysis said that hacks and scams once contributed to around 34% of all inflows to the mixer and were at times inflows reached around $25 million per day, but that dropped by 68% in the 30 days following the sanctions. However, bad actors in the space continue to frequent the service. Most recently, on Feb. 20, the exploiter behind an Arbitrum-based DeFi project transferred over $1.86 million in ill-gotten crypto to Tornado Cash.

The notorious North Korean hacker outfit Lazarus Group is also known to send significant sums to mixers such as Tornado Cash and Sinbad. An early February Chainalysis report claimed that exploited funds