After six months, the individuals behind the $25 million Kronos Research exploit have initiated the transfer of the stolen funds. PeckShield, a blockchain security firm, detected this movement on May 7. The hackers are funneling the funds towards the mixing platform Tornado Cash.
Tornado Cash is an open-source platform that mixes crypto funds from various sources, making it challenging to trace the origin of the assets. While some view it as a tool for enhancing user privacy, it has faced criticism from regulators. The U.S. Department of the Treasury’s Office of Foreign Assets Control imposed sanctions on its use in August 2022.
Despite the sanctions, bad actors have continued to utilize the platform, laundering over half a billion dollars’ worth of crypto in 2023 alone. The platform’s creators have faced accusations of laundering stolen crypto assets, although they have refuted the claims and sought their dismissal.
The Kronos Research hacker initially transferred 1,314 Ether to a new address, beginning with 0x8F5e4, with the stash valued at around $4 million at the time. Subsequently, the funds were moved to another wallet identified by 0x164A24b. This wallet was used to conduct 10 transactions of 100 ETH each, sending the funds to the crypto-mixing platform.
Kronos Research disclosed the exploit on Nov. 18, with the attack confirmed by on-chain investigator ZachXBT. The hackers utilized stolen API keys to carry out the attack. The Taiwan-based firm tried to negotiate with the hacker shortly after the incident, offering a 10% bounty in exchange for the return of the remaining 90% of the funds, but the attempt was unsuccessful.
Since the beginning of 2024, there have been several attacks in the crypto space. However, recent reports indicate a decline in this trend, with a 67% decrease in crypto thefts from March to April. Additionally, March 2024 saw a 50% drop in crypto losses due to hacks compared to February.