The WazirX hacker, who has remained unidentified since the July hack, is reportedly moving the stolen funds. Data gathered by Arkham Research showed that the hacker is using the controversial Tornado Cash platform for this purpose. Of the stolen amount of over $230 million (approximately Rs. 1,900 crore), the hacker is believed to have moved $6.5 million (approximately Rs. 54.5 crore) worth of Ether tokens to Tornado Cash, which is now a sanctioned platform in the US.
Tornado Cash essentially lets people deposit their crypto tokens into a pool of different crypto tokens and transfer their funds to the destination wallet in the form of other cryptocurrencies. Tornado Cash has become a popular tool in recent years among cybercriminals who want to leave no trace when transferring funds obtained through illegal activities.
The hacker facilitated 26 transactions to transfer the above amount to a Tornado Cash address, the facts by Arkham shows. Etherscan data further showed that the hacker moved the funds in the form of ETH 100 per transaction. Screenshots of these details have surfaced on social media.
Speaking to Gadgets360 this week, WazirX co-founder Nischal Shetty confirmed that the hacker has not yet been identified. Research analysts have previously claimed that North Korea’s notorious Lazarus Group may have carried out the hack.
“Most of the research community says that the pattern matches the Lazarus group. But you know, at the end of the day, the Lazarus group is not one to just give in. So you never get confirmation. We have one of the best researchers in the industry who says that the pattern matches exactly. We have some credible information that, you know, that’s a possibility,” Shetty said.
WazirX took the first step toward restructuring its finances after the hack last week. The exchange filed a moratorium with a Singapore court, seeking time to analyze its liabilities and reorganize its capital. It could take up to six months for WazirX to complete the process.
Meanwhile, the exchange has opened INR withdrawals and the team is encouraging users to withdraw 66 percent of the INR funds that have been provisionally released.
The exchange says it is working with law enforcement agencies and CERT-In to identify the hacker.