The attacker responsible for the major April 2023 security breach targeting cryptocurrency exchange Bitrue has recently begun transferring stolen Ethereum (ETH) into the privacy protocol Tornado Cash.
The hack resulted in approximately $24.4 million in losses following the compromise of a private key associated with the exchange’s hot wallet infrastructure, leading to the unauthorized transfer of significant assets, primarily ETH and other tokens.
Blockchain security firm CertiK Alert has confirmed the movement of the stolen funds into Tornado Cash, a decentralized service designed to obscure transaction trails by mixing potentially identifiable cryptocurrency with other funds.
This development underscores the persistent security vulnerabilities within cryptocurrency platforms and the challenge of tracking and recovering funds once they enter privacy-focused mixing services. It also highlights the continuous pressure on exchanges to significantly enhance wallet management and private key security protocols to prevent such costly breaches.