ARTICLE AD
Crypto hacks have continued to flourish despite best efforts to minimize them.
In a new development around the Rain crypto exchange hack, an address linked to the incident has reportedly begun transferring some of the ill-gotten funds. According to an X post by PeckShieldAlert, the said address has transferred 1,155 ETH, worth approximately $2.9 million, through the privacy tool Tornado Cash.
The Rain Exchange Hack
On April 29, Rain was hit by a $14.8 million exploit that saw hackers make away with assets including Bitcoin (BTC), Ether (ETH), Solana (SOL), and XRP.
According to blockchain sleuth ZachXBT, who first reported the incident, the stolen funds were divided into wallets containing 137.9 BTC and 1,881 ETH, leaving them inactive ever since.
Interestingly, ZachXBT did not issue this alert until May 13, nearly two weeks after the incident initially took place. However, following the revelation, Rain later confirmed the breach through AJ Nelson, a co-founder of the project.
While no real recovery plans were shared, Nelson did assure users of the safety of their funds, claiming that the exchange had covered any damages caused by the breach. He cited that the move was necessary to keep the platform running smoothly.
As of publication, it is not exactly clear whether the unidentified hacker will continue laundering the remaining 726 ETH. However, it is clear that they intend to obscure the trails of the stolen funds. This explains the use of Tornado Cash, a private mixing tool designed to do just that.
Tornado Cash: A Thorn in the Flesh of Crypto Industry
Tornado Cash has always drawn a considerable amount of scrutiny from industry experts and regulatory bodies. The decentralized, non-custodial privacy solution built on Ethereum, is notorious for its zero-knowledge proofs, which enable users to break the on-chain link between a source and destination of funds.
While this privacy tool is highly coveted by legitimate users who are privacy-conscious, cybercriminals are also exploiting it to launder stolen cryptocurrencies.
As this Rain hacker’s use of Tornado Cash may have shown, exchanges such as Rain, as well as law enforcement agencies continue to face various degrees of challenges in tracking and recovering stolen assets. These persistent vulnerabilities call for an urgent need for enhanced security measures within the space.
For context, crypto hacks have continued to flourish despite best efforts to minimize them. The Nexera protocol is a more recent example of these exploits after losing $1.5 million worth of digital assets to a Wednesday morning hack.
Overall, as digital currencies continue to gain mainstream acceptance, risks associated with them are also escalating. It also goes without saying that the ability of hackers to exploit weaknesses in exchange security and use privacy tools for laundering purposes remains an issue to be solved for the industry.