Hacker Transfers $10M from 2023 Phishing Incident to Tornado Cash
An account linked to a phishing attack in September 2023 has moved $10 million in Ether to the crypto-mixing protocol Tornado Cash. This incident stems from a hacking event where a crypto whale lost $24 million in staked ETH on the liquid staking provider Rocket Pool. The hacker managed to access the funds by tricking the victim into signing transactions that allowed the attacker to drain the crypto whale's assets.
Phishing Attack Details
The phishing attack involved the victim unknowingly signing an "Increase Allowance" transaction, which gave the hacker approval to spend ERC-20 tokens belonging to the victim. This attack method underscores the importance of caution when interacting with smart contracts and token approvals in the crypto space.
Hacker's Movements
After the initial theft, the hacker swapped the stolen assets for 13,785 ETH and 1.64 million Dai. Some of the Dai was transferred to the FixedFload exchange, while the majority of the stolen funds were moved into other wallets, making tracking and recovery challenging.
Rising Phishing Concerns
Phishing attacks remain a significant concern in the crypto space, with the latest data showing that almost $47 million was lost to such scams in February alone. Ethereum network accounts for 78% of these thefts, with ERC-20 tokens comprising 86% of all stolen assets.
Recent Exploits and Responses
Token approvals have also been exploited recently, with an old contract used by the Dolomite exchange leading to a loss of $1.8 million for users who had authorized approvals for the contract. Dolomite's development team urged users to revoke approvals given to the old contract address to prevent further losses.
While some attacks result in substantial losses, quick intervention can prevent further damage. The Layerswap team, for example, prevented further losses after a breach of its website, although hackers still managed to drain about $100,000 in assets from 50 users. Layerswap has committed to refunding the affected users and providing additional compensation for the inconvenience caused.