Lendhub hack suspects launder stolen ETH through Tornado Cash


  • Security firms PeckShield and Beosin reported that hackers behind January’s exploit of the DeFi lending protocol Lendhub had transferred over half of their proceeds into Tornado Cash.
  • The LendHub exploit resulted in $6 million being stolen from the protocol.

Security firms PeckShield and Beosin have reported that a suspected group of actors behind the January exploit of the DeFi lending protocol Lendhub have transferred more than half of their proceeds, amounting to 2,415 Ether (worth approximately $3.85 million), into sanctioned crypto mixer Tornado Cash. The incident was revealed on February 27. The exploit was reported to have resulted in a loss of $6 million.

$5.7 million has been sent to Tornado Cash since January 13

PeckShield reported that the LendHub exploit had resulted in $6 million being stolen from the protocol. Beosin has tweeted that a total of 3,515.4 ETH worth $5.7 million has been sent to Tornado Cash since January 13 by the perpetrator. This is the largest reported exploit of the year so far.

image 517
The exploiter wallet recently made several transactions, sending batches of 100 ETH to Tornado Cash and subsequently executing smaller deposits. Source: Etherscan

Tornado Cash is still in operation

Tornado Cash, a crypto mixing service designed to anonymize Ethereum transactions by combining vast amounts of Ether before depositing sums to other addresses, was sanctioned on August 8 by the United States Office of Foreign Assets Control (OFAC) for its role in laundering crime proceeds. Despite this, Tornado Cash still operates as a decentralized smart contract on the blockchain.

According to a report by blockchain analytics firm Chainalysis, before the sanctions, approximately 34% of all inflows into the mixer were from hacks and scams, and there were days when inflows reached around $25 million. However, this figure has dropped by 68% in the 30 days since the imposition of the sanctions.

On February 20, a malicious actor behind an Arbitrum-based DeFi project transferred over $1.86 million in stolen crypto to Tornado Cash. This is the latest in a series of events indicative of bad actors using mixers such as Tornado Cash and Sinbad for nefarious purposes.

According to Chainalysis’ early February report, funds originating from North Korean hackers tend to move to mixers at an abnormally high rate, further demonstrating the service’s popularity with criminals. The notorious Lazarus Group is an example of these malicious actors, regularly sending significant sums through mixers. Nonetheless, bad actors will continue to frequent these services unless appropriate measures are taken.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decision.

Share link:

Damilola Lawrence

Damilola is a crypto enthusiast, content writer, and journalist. When he is not writing, he spends most of his time reading and keeping tabs on exciting projects in the blockchain space. He also studies the ramifications of Web3 and blockchain development to have a stake in the future economy.

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

Emerging crypto projects
Subscribe to CryptoPolitan