On August 18, hackers stole a little over $90M* in more than 69 different cryptocurrencies and tokens from Japan-based exchange Liquid Global. Liquid’s teams have yet to release a postmortem detailing the attack vector used by the hacker.
While about $16 million in assets from more centralized tokens have already been frozen according to Liquid, an analysis of the flow of funds shows that the hacker continues to swap stolen ERC-20 tokens for ETH and wETH through decentralized exchanges (DEXs). Swapping more centralized tokens into ETH will hedge against the possibility of additional frozen funds, while swapping into wETH will facilitate additional swaps.
Two days after the hack, 6,005 of the ETH received in these swaps (worth almost $20 million) were sent to Tornado Cash, a cryptocurrency mixer that specializes on obfuscating transactions on the Ethereum blockchain.
Hacker’s addresses include:
- BTC: 1Fx1bhbCwp5LU2gHxfRNiSHi1QSHwZLf7q
- ETH: 0xefb33ccafc98d5fdb27a6f5ff17350ca76bf3b53
- ETH/ERC-20: 0x5578840aae68682a9779623fa9e8714802b59946
- TRX: TSpcue3bDfZNTP1CutrRrDxRPeEvWhuXbp
- XRP: rfapBqj7rUkGju7oHTwBwhEyXgwkEM4yby
CipherTrace is continuing to monitor the hacker’s flow of funds.
*CipherTrace uses historical prices based on the time of the attack.
The post Liquid Exchange Loses Over $90 Million in Warm Wallet Hack appeared first on CipherTrace.