The WazirX exploiter is actively moving thousands of stolen assets across new wallets, with a portion of the latest batch laundered through the crypto mixer Tornado Cash.
Latest Transfers and Laundering Activities
Blockchain security platform Cyvers recently tracked the transfer of exactly 5,001 Ethereum from the exploiterβs address to a new wallet.
π¨UPDATEπ¨ The WazirX hacker just transferred 5K $ETH (~$11.6M) to a new address and already deposited $1.4M to Tornado Cash.
On-chain data confirms that this transaction occurred today at 06:53 UTC, resulting in the creation of the recipient address.
Ongoing Laundering Through Tornado Cash
Shortly after receiving the 5,000 ETH tokens, the new wallet began laundering them through Tornado Cash in multiple batches of 100 ETH, worth roughly $232,000 each. So far, the address has moved 36 batches, amounting to 3,600 ETH, to the crypto mixer.
As of now, the laundering scheme is ongoing, with the total amount likely to increase in the coming hours based on previous transaction data.
Consistent Patterns and Previous Transactions
This pattern is consistent with the WazirX exploiterβs behavior. After accumulating over 43,800 ETH through multiple transactions following the hack, the primary wallet held the tokens until six days ago, routing funds through new addresses to Tornado Cash.
To date, the exploiter has transferred 20,004 ETH to four different addresses, each receiving 5,001 ETH since September 12. These new wallets typically transfer the entire amount to Tornado Cash in 100 ETH batches, suggesting the most recent address still has 2,601 ETH left to launder.
Meanwhile, another primary wallet tied to the exploiter has also carried out similar transactions, with one of its 5,000 ETH transfers identified on September 5.
Background on the WazirX Hack
The WazirX hack, which occurred in July, saw the leading Indian exchange lose over $230 million in several crypto assets, siphoned from its multi-sig wallet. Shortly after, the hacker began converting the assets to Ethereum.
The exchange blamed the hack on a vulnerability from its custody provider Liminal Custody. However, the crypto custodian denied these speculations. Interestingly, an audit from Grant Thornton recently found that the exploit occurred outside Liminal.
Amid the ongoing laundering scheme, an X account dedicated to seeking justice for affected WazirX users asserted that the hack could have also involved an insider, citing on-chain data and reports filed with the police in Delhi.
Stay Updated on Crypto News
For more updates on cryptocurrency, investing, and finance, stay tuned to Global Crypto News.