Harmony hacker starts moving the stolen cryptos to Tornado Cash

The Harmony attacker has begun moving the stolen crypto to Tornado Cash.

The Harmony attacker is starting to send their tokens through Tornado Cash.
Harmony Hacker

According to Etherscan, the wallet used in last week's Harmony attack transferred a little over 18,036 ETH worth about $21 million at the writing time to a backup wallet.


The money was then divided equally among three secondary wallets; at the time of writing, two of these secondary wallets have already delivered ETH to a Tornado Cash router.


The money was then divided equally among three secondary wallets; at the time of writing, two of these secondary wallets have already delivered ETH to a Tornado Cash router.


Last week, Harmony's Horizon bridge was used to steal over $100 million in different tokens, including FRAX, FXS, wETH, wBTC, AAVE, SUSHI, USDT, and BUSD, which were all exchanged for ETH on Uniswap.


That amount is now being transferred using Tornado Cash in 100 ETH increments. 10,409 ETH, or more than $12 million, had already been included into the privacy-enabling protocol as of the time of writing. Approximately one new 100 ETH transaction occurs every six minutes.


For instance, Tornado Cash is an Ethereum protocol called that uses zero-knowledge proofs to let users cut the cords connecting their on-chain activity. When utilized properly, the protocol renders it hard to trace wallet-to-wallet transfers.


The protocol has already been exploited by hackers to profit from their illegally gained riches. Despite only sending roughly 12% of their gain to Tornado Cash, data from Nansen shows that the Harmony exploiter is already the fifth-largest malicious user of the protocol behind the Ronin, Fei, Beanstalk, and Parity exploiters.


Harmony had previously promised the Horizon bridge hacker a $1 million reward for recovering the stolen money in exchange for agreeing to forego bringing legal action.


Other protocols have previously offered much bigger rewards, and Aurora recently paid a white-hat hacker $6 million for finding a potential vulnerability and alerting the team to it.

The Latest News