Tornado Cash, the previously sanctioned crypto mixer app used to increase the anonymity of crypto funds for privacy reasons, is still being used by hackers.
Two blockchain security and research firms, PeckShield and CertiK, have detected the transfer of stolen funds from the DAO Maker exploit that happened in August 2021, in which over $7 million in ERC20 tokens and other stablecoins was lost.
According to CertiK's announcement, 500,000 DAI tokens linked to the victim DeFi project DAO Maker, which facilitates crowdfunding in crypto, were sent to the banned Ethereum mixer service Tornado on September 08.
The on-chain analytics firm CertiK added:
“We are seeing a movement of $500,000 DAI to @TornadoCash from EOA 0x0B789. The address is directly connected to the DAOMaker exploiter who stole funds from @TheDaoMaker.”
The Ethereum mixer app had drawn attention many times before for facilitating illicit money transfers, and the Treasury Department’s Office of Foreign Assets Control (OFAC) banned the crypto mixer service on August 08. At the time of confiscation, the agency accused the application of helping the North Korean hacker group Lazarus launder more than $7 billion.
Notably, since OFAC restricted the application, which is open public code, criticism from the crypto community has emerged. Crypto services platforms accused the government agency of overstepping its power by slapping sanctions on a privacy tool that is also used by legitimate users to protect their privacy.
Affected Users Sued The Treasury Department Over Its Tornado Cash Ban
In response to OFAC’s aggressive approach, six legitimate users severely affected by the ban filed a lawsuit against Treasury Department officials last Thursday, and the prominent cryptocurrency exchange Coinbase has announced that it is backing the case. In a 20-page complaint, the plaintiffs claimed that OFAC violated the constitutional rights of free speech and property and asked the court to lift the ban ASAP.
Paul Agrawal, chief legal officer at Coinbase, commented that the government’s decision had stripped many legitimate users of their privacy. He said:
“No one wants criminals to use crypto protocols, but blocking the technology entirely (which is what this sanction essentially does) is not what the people’s elected representatives authorized — especially when there are effective routes to more narrowly target bad actors.”
In contrast to the company’s claim, the exploiters behind the Horizon Bridge attack of June 2022 used the same application to obscure their transactions. The hackers sent batches of 100 ETH to the Tornado mixer at intervals of 8 minutes, per PeckShield’s findings in June. It is likely that other cybercriminals have also used Tornado Cash to launder money, including the exploiters of Grim Finance, who transferred $3.3 million into the mixer in December 2021, and the Monox Finance heist, which saw $2.1 million mixed via the crypto privacy tool last September.