A cyberattack on one of India's largest crypto exchanges, WazirX, is close to its final chapter, with over $230 million worth of stolen crypto nearly fully laundered.
According to blockchain analytics, the perpetrator behind the July breach now has only $6 million in crypto left, having already funneled most of the stolen assets through various methods, including privacy-focused platforms.
The criminal moved large sums of the stolen funds into new wallets, which were later routed through Tornado Cash, a platform often used to obscure the movement of digital assets.
Did you know?
Want to get smarter & wealthier with crypto?
Subscribe - We publish new crypto explainer videos every week!
What is Impermanent Loss in Crypto? (Explained With Animations)
In August alone, the hacker laundered $50 million through Tornado Cash. Recent data shows that nearly $10 million in Ether (ETH) was transferred in a single transaction on September 25.
The hacker exploited one of WazirX's multisig wallets, leading to the theft of over $100 million in Shiba Inu (SHIB), $52 million in ETH, and other cryptocurrencies. These stolen assets accounted for nearly half of WazirX's total reserves, and the efforts to recover them have made little progress.
The company has been widely criticized for its lack of transparency with users and the slow pace of recovery actions.
Tornado Cash is designed to allow crypto transactions to be processed without revealing wallet addresses. While the service itself isn't illegal, it has gained notoriety as a tool for cybercriminals to hide the origin of illicit gains. Earlier this year, Tornado Cash developer Alexey Pertsev was sentenced to over five years in prison for facilitating money laundering through the platform.
This incident serves as a stark example of the vulnerabilities inherent in the crypto industry and the difficulties crypto exchanges face when it comes to safeguarding user assets.