Amidst ongoing controversies, the WazirX hacker has laundered another batch of stolen Ether, worth over $11.8M, through Tornado Cash. This has raised suspicions about alleged insider involvement.
According to PeckShieldAlert, a prominent blockchain security company, the WazirX hacker moved another 5,000 ETH (~$11.8M at the current market price) to a new address before transferring the stolen funds to the Tornado Cash crypto mixer for laundering to avoid being traced.
WazirX Hacker Moved $11.8M Stolen Fund To A New Address, Laundered It On Tornado Cash
The hacker behind the $235M WazirX exploit has moved another batch of the stolen assets, laundering over $11M in Ether through the crypto mixer Tornado Cash.
On Friday, September 13, blockchain security firm PeckShieldAlert revealed in an X post that the WazirX hacker moved 5,000 ETH, about $11.8M, from its marked wallet to a new address, ‘0xa4d1…9845,’ in preparation to launder it through the mixer so as to avoid being traced.
PeckShieldAlert added that this latest transaction is the 5th batch of 5,000 ETH transfers made by the hacker since the cyber exploit in July.
Last week, it was also reported that the hacker transferred 2,600 ETH (~$6.5M) in 26 transactions within an hour to the crypto mixer Tornado Cash to launder the stolen funds.
Altogether, the hacker has moved and laundered almost 27,600 ETH (about $64.97M) over the past weeks.
Alleged Insider Involvement In The WazirX Cyber Exploit
As the hacker transferred the stolen funds, there are reports and allegations of possible insider involvement in the $235M security breach that crippled WazirX, once the largest crypto exchange in India.
According to the X account, Justice for WazirX Users, some unusual activities were going on in WazirX before the exploit. ‘Justice for WazirX Users’ cited some unnamed data and sources from a report filed with the Delhi Police to back its point.
Most of the allegations claimed that the hacker opened an account on WazirX using fake know-your-customer (KYC) information, where he deposited some digital assets that he later traded for GALA tokens.
On the day of the hack, July 18, the exploiter withdrew the GALA tokens, which led to a decrease in the tokens in WazirX’s hot wallet. In response, WazirX attempted to move more GALA tokens from its cold wallet, managed by Liminal, to refill the depleted hot storage.
The hacker, who was closely monitoring the process, supposedly injected malicious code to block the transfer.
As the cold wallet signatories from WazirX made further attempts to refill the wallet, the hacker took the opportunity to steal their login credentials during the process.
Having stolen the login credentials of the necessary three signatories, the hacker used them to tweak WazirX’s cold wallet contract to carry out the hack.
WazirX’s Push For Restructuring Faces Setback
Amidst the ongoing controversies surrounding the hack, WazirX applied for restructuring under the Singapore legal system, filing a moratorium application.
However, the process faced setbacks as users objected to the exchange’s X poll, which offered only a ‘Yes’ option to agree with the application.
The exchange edited the poll to include the options ‘No’ and ‘No Position’ on September 12.