20 transactions, $5.1M transferred to Tornado Cash – Aftermath of the Jaredfromsubway.eth attack
Are DeFi protocols and current bridges unknowingly aiding the flow of illegal money?
The attacker who stole from Jaredfromsubway.eth Maximal Extractable Value (MEV) bot may have been actively working towards hiding the evidence of the exploit.
Specter, an on-chain investigator, is in the news today after he reported that out of the $7.5 million that was stolen, about $5.1 million has already been transferred to Tornado Cash.
Funds laundered in batches
According to the latest transactions, the attacker used 20 different transactions, each worth 100 Ethereum [ETH], to deposit 2,000 ETH into Tornado Cash.
Remarking on the same, Specter noted,
It looks like the attacker has no intention of returning any funds to jaredfromsubway.
To lessen exposure to ETH price volatility and ease future fund transfers, the remaining 1,422 ETH were exchanged for roughly $2.44 million worth of DAI – A dollar-pegged stablecoin.
At the time of the attack, the price of ETH was trading close to $1,700. However, the price of Ethereum fell by more than 8% over the previous week to $1,656.04.
Notably, ETH’s price decline was not solely due to the attack rather the broader market downturn.
Details of the attack
The attacker first imitated a lucrative opportunity by creating a liquidity pool and a wrapper token. Then, the wrongdoer altered the trading logic of the MEV bot to fool it into automatically approving transactions. All while the bot engaged with these opportunities.
This permanently allowed the attacker-controlled contract to take money out. The exploit itself brought in 1,583 ETH, $2.87 million in USDC, and $2.09 million in USDT.
Afterwards, the attacker combined the assets and exchanged them for 4,427 ETH, which lessened fragmentation and facilitated the money laundering process.
Impact of funds moving across chain after exploits
The most recent actions of the attacker highlight a typical trend observed following significant crypto exploits. When attackers starts laundering funds, the stolen money is quickly split up. It is then exchanged and sent through several blockchains and privacy tools to complicate recovery and tracing.
When attackers bridge assets across chains and transform them into different tokens or stablecoins, such post-hack behavior frequently transcends a single network.
Recently too, two suspected cryptocurrency laundering service operators were charged by U.S authorities. This, after they allegedly processed over $389M in illegal digital asset transactions.
Final Summary
- Jaredfromsubway.eth Maximal Extractable Value (MEV) bot attacker has now started to launder funds after the exploit.
- All this has raised legitimate concerns about funds laundering.
