BNB -2.48%
BTC -3.65%
DOGE -4.59%
ETH -4.69%
PEPE -3.59%
XRP -1.00%
SHIB -5.67%
SOL -5.84%
Best Crypto Poker

Hacker Robs Tornado Cash, Launders Loot Through the Same Service

Last updated: | 2 min read
Image source:

In a surprising turn of events, the hacker responsible for the Tornado Cash heist has unexpectedly handed back control of the protocol to the team. 

Adding to the irony, the criminal utilized the very same service to launder the funds stolen during the attack.

Tornado Cash, which has long been associated with aiding cybercriminals and facilitating money laundering for entities like North Korean hackers, now finds itself caught in the web it helped weave.

During the recent breach, the hacker made off with a staggering 483,000 TORN tokens, subsequently converting a significant portion of the loot into ETH on the protocol.

How The Hacker Hijacked Tornado Cash, Stole Tokens, and Laundered Stolen Funds

On May 21, a hacker exploited a vulnerability in Tornado Cash governance which should be under the community’s control. 

The incident report shows that the hijacker took control of the crypto mixer while looting 483,000 TORN coins. 

A blockchain researcher Samczsun revealed the hacker shared a malicious governance proposal to be voted on. 

That helped the hacker gain control of the protocol, allowing them to withdraw the tokens in the governance contract. 

According to Nansen, the hacker converted the stolen tokens to Ether before laundering 472 ETH worth around $900,000 through Tornado Cash.

But, strangely, the hacker relinquished power after contacting the Tornado Cash community.

The incident affected TORN token’s price, which sank to $4 from over $7, according to CoinGecko data

Nevertheless, the token has shown resilience and is now showing signs of a rebound, gradually gaining momentum and moving towards recovery. It is currently trading slightly above $4, although still exhibiting a bearish trend.

Tornado Cash Notorious For Aiding Illegal Transactions And Money Laundering

Tornado Cash’s ability to offer privacy, nearly untraceable anonymous crypto transactions makes it the best choice for money launderers.

As such, it became infamous as the go-to platform for cyber-criminals and hackers looking to launder their illegal funds.

That has brought backlashes on the protocol as several criminals, including North Korean hackers, exploit its privacy offerings to move their loot. 

According to Dune Analytics data, criminals have laundered over $8 billion through Tornado Cash since 2019. 

That shows the number of unlawful transactions the platform has aided over the years.

In August 2022, the Office of Foreign Assets Control (OFAC) of the US Treasury Department sanctioned Tornado for violating anti-money laundering laws and aiding illegal transactions.

The US Treasury said Tornado Cash helped North Korean hackers, the Lazarus Group, process over $455 million in stolen funds from heist attacks. 

The OFAC also alleged that criminals laundered over $7 billion in digital assets with Tornado Cash since its creation in 2019.

Despite the public sentiment and the US Treasury sanction on Tornado, the protocol remains a money-washing route for criminals.