The hacker behind July’s $230 million WazirX hack has nearly finished laundering the stolen funds, using Tornado Cash to obscure the transactions.
Just $6 million worth of ether is left.
WazirX has been restructuring following the hack, which compromised over 45% of its reserves, and is facing challenges in fund recovery and criticism for its crisis management.
Whoever was behind India’s biggest cryptocurrency hack is almost done laundering over $230 million worth of tokens, on-chain data shows.
A wallet holding funds stolen in July from WazirX, formerly one of the country’s largest exchanges by trading volume, is down to only $6 million worth of ether (ETH). Blockchain data from Arkham show the funds are usually moved to new wallets before being sent to privacy service Tornado Cash.
The hacker moved just over $50 million worth of tokens to Tornado in August and stepped up activity in September, as the chart below shows. The latest movement was a 3,792 ETH ($10 million) transfer to a wallet early on Wednesday.
Tornado Cash allows crypto users to exchange tokens while masking wallet addresses on various blockchains. The service, by itself, is not nefarious but is commonly used by criminals to clean an online trail that could lead to the identity of those moving stolen funds. Alexey Pertsev, a Tornado Cash developer, was found guilty of money laundering by a Dutch judge in May and sentenced to 64 months in prison.
In July, WazirX was hit by a security breach in one of its multisig wallets, causing over $100 million in shiba inu (SHIB) and $52 million in ether, among other assets, to be drained from the exchange.
The stolen funds accounted for over 45% of the total reserves cited by the exchange in a June 2024 report. The exchange has since filed for a restructuring process in Singapore to clear its liabilities.
WazirX, still reeling from the financial and reputational damage, has engaged in efforts to recover the funds with limited success. It has faced criticism for its handling of the crisis, especially concerning user communication and fund recovery processes.
Amid this, Binance, which has had a contentious relationship with WazirX, last week clarified its lack of involvement in the security breach, emphasizing that it does not control or operate WazirX. That differs from what founder Nischal Shetty stated on X in August.