KuCoin hacker switches to Tornado Cash for anonymity

With about $4.8 million available in the hacker's wallet, the hacker after dumping on Uniswap is now using Tornado Cash for possible cash out

By Victor Ugochukwu · Oct 26, 2020 . 6min read

It is not coming as any surprise that hacker who breached KuCoin‘s system to steal $200 million is resorting to the anonymity preserving Tornado Cash exchange to mix stolen funds.

According to a recent tweet by Larry Cermak of The Block, the KuCoin hacker started to mix his Ethereum through 100 ETH batches on Tornado cash. With about $4.8 million available in the hacker’s wallet, the hacker after dumping on Uniswap is now using Tornado Cash.

Larry posted proof of such transactions where hacker sent 2,800 ETH to Tornado cash.

While it may appear this is KuCoin hacker’s first transaction on Tornado Cash, it’s not actually. As we earlier reported, KuCoin hacker opted for Uniswap to start dumping ERC-20 tokens for ETH. After all, nobody using the DEX needs to observe KYC. After getting some sizable ETH while KuCoin worked with project token owners to freeze and recover some assets, the hacker then shared the ETH to several addresses.

And now, the hacker is using Tornado Cash to mix the ETH and possibly cash out without revealing his identity.

Some possible reasons the KuCoin hacker is using Tornado Cash

Just like bitcoin mixers which helps obfuscate transaction history and addresses, Tornado Cash is equivalent for Ethereum. It uses zero-knowledge proofs to anonymize senders’ address whenever they are transferring Ether. For now, the platform shows extreme cryptographic strength which cannot be broken except senders make a mistake. As reported by The Block, if users mishandle the tool, they risk doxxing themselves without knowing.

Moreso, Tornado Cash can only allow limited volumes at every instant. This is to limit the tendency of malicious actors like in this KuCoin case to use it for money laundering.

As the chart above shows, Tornado cash usage keeps growing since the beginning of the year. As at press time, the amount in dollar value in Tornado Cash ETH pool is around $8.9 million. It could well be that one-third of that volume is an inflow from the KuCoin hacker activities.

At some point, KuCoin exchange CEO Johnny Lyu said they had identified the hacker suspect but didn’t reveal the identity to the public. One may begin to imagine why the hacker is still out at large and making final steps to cash out using the privacy-preserving Tornado Cash possibly.

Follow Cryptodose for daily updates.