The WazirX hacker, who has remained unidentified since the hack in July, is reportedly moving the stolen funds. Data collected by Arkham Research showed that the hacker is using the controversial Tornado Cash platform to do so. Out of the stolen amount of over $230 million (roughly Rs. 1,900 crore), the hacker seems to have moved $6.5 million (roughly Rs. 54.5 crore) worth of Ether tokens into Tornado Cash, which is now a sanctioned platform in the US.
Tornado Cash essentially lets people deposit their crypto tokens into a pool of various crypto tokens and transfer their funds to the destination wallet in the form of other cryptocurrencies. Tornado Cash has, in recent years, emerged as a popular tool among cyber criminals who do not wish to leave any trail while transferring funds obtained through illicit activities.
The hacker made 26 transactions to move the aforementioned amount into a Tornado Cash address, the data by Arkham shows. Etherscan data further showed that the hacker moved the funds in batches of ETH 100 per transaction. Screenshots of these details have surfaced on social media.
Speaking to Gadgets360 this week, WazirX co-founder Nischal Shetty confirmed that the hacker has not yet been identified. Research analysts have previously claimed that North Korea’s infamous Lazarus Group could have executed this hack.
“Most of the research community says that the pattern matches with Lazarus group. But, you know, at the end of the day, Lazarus group is not someone who comes and owns up. So, you will never get confirmation. We’ve got, like, one of the best researchers in the industry, saying that the pattern exactly matches. We got some credible information that, you know, that’s a possibility,” Shetty said.
Last week, WazirX took its first step towards restructuring its finances after the hack. The exchange filed for a moratorium in a Singapore court, buying time to analyse its liabilities and reorganise its capital. It may take up to six months for WazirX to complete the process.
Meanwhile, the exchange has opened INR withdrawals, and the team is encouraging users to withdraw 66 percent of the INR balances that have been unfrozen for now.
The exchange said it is working with law enforcement agencies and CERT-In to identify the hacker.