Harmony's Stolen Funds on the Move as Hacker Starts Laundering Them Using Tornado Cash
Evening
So, a new update came today regarding the recent Harmony's Horizon Bridge hack. Apparently the hacker didn't took the bait of $1 million bounty for the return of stolen funds and has already started laundering the funds using a coin mixer.
Layer 1 blockchain Harmony's Horizon bridge had been exploited for approximately $100 million last Saturday as hacker managed to gain access to at least two out of four signees, allowing him to drain the funds. Later on Harmony offered $1 million bounty reward to hacker for returning the stolen funds.
1/ We are aware the hacker has begun to move funds through Tornado Cash. The team is working with two highly reputable blockchain tracing and analysis partners, and collaborating with the FBI as part of an investigation into this criminal act. 🧵
— Harmony 💙 (@harmonyprotocol) June 28, 2022
But it seems, hacker have no interest in returning the funds, as he have already started laundering the stolen coins using coin mixer Tornado Cash. Coin Mixers are a privacy enhancing tools used to carryout transactions privately. Simply speaking all deposits go into the coin mixer, blended and withdrawn to their new destination addresses, thus breaking the link between depositor and destination addresses.
The Harmony's hacker have chosen Tornado Cash mixer in a bid to obfuscate his transaction activity. As per data by PeckShield, today hacker started moving 18,036.3 Eth worth around $21 million to Tornado Cash using 3 different accounts. As Tornado Cash accepts a maximum 100 Eth per batch so it took him around 13 hour to launder that $21 million. Rest 80% of the stolen funds are still laying in hacker's wallet.
With 20% of stolen funds already laundered, hacker's intentions are pretty much clear. He may start laundering the remaining 80% of the funds anytime. Frankly speaking Harmony's offer of $1 million bounty for the return of $100 million worth stolen funds was quite low. May be they should have offered like 10% or more to peak the hacker's interest. Whereas Harmony is already tracking the hacker's wallet but once passed through the coin mixer, those funds are gone for good as they become untraceable. May be its time for Harmony to think about how are they gonna reimburse the affected parties.
Coin Mixer tools are already under serious watch by United States Treasury Department Office of Foreign Assets Control (OFAC) for their utility in laundering illegal funds. Back in May, OFAC has already sanctioned crypto mixer Blender.io for allegedly laundering funds for North Korean hackers. Tornado Cash is also under heat for being involved in funds hacking during previous mega hacks like Ronin Bridge. And now Harmony's hacker using it will only make things more difficult for the coin mixer in future.
Posted Using LeoFinance Beta
This post has been manually curated by @bhattg from Indiaunited community. Join us on our Discord Server.
Do you know that you can earn a passive income by delegating your Leo power to @india-leo account? We share 100 % of the curation rewards with the delegators.
Please contribute to the community by upvoting this comment and posts made by @indiaunited.
For such hackers even 30% is low. Like it's once in a life bounty. Why will someone miss it for any less
As the crypto world expands, so does new challenges occur. Plenty of lessons for all those concerned.
Harmony. Who would have thought of such a thing when he called this project what he called it).
!CTP