
Poloniex Heist Hacker Uses Tornado Cash to Launder Millions – What Does This Mean for Roman Storm Case?

Last Updated May 7, 2024 8:49 AM
By Teuta Franjkovic
Verified by Peter Henn

Key Takeaways

  • The Poloniex hacker’s use of Tornado Cash strengthens the legal case against the platform’s co-founders Roman Storm and Roman Semenov.
  • Lazarus Group remains a suspect in the Poloniex hack.
  • Crypto security remains a major challenge, with mixers complicating investigations.

A hacker who stole $125 million from Poloniex’s hot wallets in November transferred 1,100 Ethereum (ETH) to sanctioned coin mixer Tornado Cash.

The news comes after Tornado Cash co-founders Roman Storm and Roman Semenov were indicted for allegedly facilitating over $1 billion in money laundering through their platform.

Now, prosecutors may use the hacker’s actions against the mixer’s founders.

Poloniex Hacker Uses Tornado Cash to Launder Stolen Ethereum

The transferred Ether, valued at approximately $3.3 million, was sent in batches of 100 ETH each on Tuesday after being dormant for 178 days.

The individual responsible for the Poloniex hack, identified by the address 0x3E…fDFd, transferred 100 ETH worth approximately $308,000 to Tornado Cash. According to WuBlockchain, this marks the first reported instance of the hacker using Tornado Cash in such illicit activities.

The hacker has accumulated a significant portfolio of cryptocurrencies valued at over $182 million. This includes:

  • 25,563 ETH worth approximately $79 million.
  • 305,042 TRX valued at $36 million.
  • 626 BTC approximately valued at $32 million.
  • 364.292 BTCT worth about $23.3 million.

Additionally, on April 30, the Poloniex hacker moved 501 BTC valued at $32 million to an unlabelled wallet. According to Arkham, the hacker still holds crypto worth $181 million across various blockchains.

Tornado Cash is a protocol which obscures crypto tokens’ origins by mixing them across various wallets over an extended period. In 2022, the US Treasury Department issued sanctions against it after its use by North Korean hacking group Lazarus. Lazarus used Tornado Cash in an attempt to conceal funds obtained from the $625 million Axie Infinity exploit. The group also reportedly used Tornado Cash to launder $12 million stolen in the Heco Bridge hack last year.

Hacker’s Use of Tornado Cash Impacts Legal Case Against Storm

The recent use of Tornado Cash by the individual behind the Poloniex hack could have significant implications for the ongoing legal case against Roman Storm, one of the co-founders of Tornado Cash.

This incident could potentially strengthen the Department of Justice’s (DOJ) case against Storm. The DOJ has accused Storm and his co-founder of enabling over $1 billion in money laundering activities through their platform. The department claims Tornado Cash is an unlicensed money transmitter which violates sanctions.

This specific event ties Tornado Cash to high-profile criminal activities, thereby challenging Storm’s defense.

Storm’s argument that Tornado Cash merely provides a decentralized service without direct control over the funds may, however, falter under renewed scrutiny of how effectively such platforms can be used for illegal activities. The DOJ might use this to argue that the nature of Tornado Cash’s services inherently supports illicit activities. Moreover, this could affect the judicial perspective on the nature of crypto-mixing services. It could, potentially, set a precedent for how similar services might be treated legally in the future.

Lazarus Group Suspected in $114 Million Poloniex Hack

On November 10, 2023, Poloniex suffered a breach resulting in the theft of approximately $114 million worth of crypto. The Ethereum wallet tied to the hacker executed 357 transactions, moving a total of $114 million worth of tokens from Poloniex. Additionally, a wallet on the Tron blockchain associated with the incident transferred about $42 million to various addresses.

Tron founder Justin Sun bought Poloniex, founded in 2014 as a centralized exchange, in 2019. This exchange has experienced significant security challenges, including the previously mentioned hack.

In a separate development, an attacker associated with a $26 million hack on Kronos Research transferred 200 ETH to Tornado Cash. Kronos Research also suffered an attack in November last year. However, it is currently unclear whether the two incidents are directly connected.

Related Hacks Underscore Crypto Security Risks

November’s attack on the HTX exchange, also owned by Justin Sun, and the Heco cross-chain bridge led to the loss of over $97 million in various tokens. The vulnerability exploited in this incident involved private keys, allowing attackers to transfer tokens from users’ wallets on the Heco Chain to their accounts on the Ethereum network using the Heco bridge.

The Poloniex hack also shows the critical need for more robust security measures within crypto exchanges and blockchain protocols.
