The North Korean group responsible for one of India’s largest crypto hacks has moved $11 million in stolen ether (ETH) to Tornado Cash, a service that obscures blockchain transactions. The attack, which occurred in July, targeted WazirX, a prominent cryptocurrency exchange, resulting in the theft of over $100 million in assets. This latest transfer is part of a series of moves by the hacker, whose wallet still holds $107 million in various tokens. The incident has prompted WazirX to initiate a restructuring process as it grapples with significant liabilities resulting from the breach.

North Korean Hackers Move $11 Million in Stolen Crypto

Recent Transfer of Stolen Ether: Early Monday, North Korean hackers responsible for India’s largest crypto theft moved $11 million worth of stolen ether (ETH) to Tornado Cash, a crypto mixing service that obscures wallet addresses across blockchains. According to data from Arkham, over 5,000 ETH, stolen during a July hack on the WazirX exchange, was transferred to a new address at 07:19 UTC before being sent to Tornado Cash in multiple transactions.

Use of Tornado Cash in Laundering Funds: Tornado Cash, a service that facilitates anonymous transfers of crypto tokens, is often used by crypto criminals to launder stolen assets. While the service itself is not illegal, its ability to mask blockchain transactions makes it a popular tool for those seeking to hide their digital footprint, especially in cases involving cyber theft.

Details of the WazirX Security Breach

Impact of the Hack: In July, WazirX, one of India’s leading cryptocurrency exchanges, was hit by a severe security breach targeting one of its multisig wallets. The breach resulted in the theft of over $100 million in shiba inu (SHIB), $52 million in ether, and other digital assets. These stolen funds represented approximately 45% of the exchange’s total reserves, as per WazirX's June 2024 financial report.

Massive Losses and Exchange's Response: WazirX, now facing significant financial strain, has filed for a restructuring process to address its mounting liabilities. The hack has placed immense pressure on the exchange, which is working to stabilize its operations amid these losses.

Ongoing Efforts to Launder Stolen Assets

Continuous Transfers to Tornado Cash: The $11 million transfer follows a $4 million movement of stolen crypto just last week, bringing attention to the hacker’s ongoing efforts to obscure the stolen assets. The hacker’s main address still holds over $107 million in various digital tokens, the majority of which are in ether, valued at $100 million.

Challenges in Tracking Stolen Crypto: Tracking stolen crypto on decentralized platforms has proven to be a significant challenge for authorities. The use of mixing services like Tornado Cash complicates efforts to trace the funds, allowing the hacker to continue laundering the assets in smaller, untraceable batches.

Future Implications for WazirX and the Crypto Industry

Restructuring and Liabilities: With nearly half of its total reserves compromised, WazirX is now undergoing a comprehensive restructuring to manage its financial obligations. The exchange’s response to the breach will be critical in determining its future viability in the highly competitive and volatile cryptocurrency market.

Regulatory Scrutiny and Security Concerns: The scale of the WazirX hack has drawn attention to the vulnerabilities within the crypto exchange infrastructure. As the industry grows, so too do concerns over cybersecurity and regulatory oversight, prompting increased scrutiny from financial authorities worldwide to protect against similar attacks in the future.