Experts have now found that the hacker who stole $90 million from the Japanese cryptocurrency exchange Liquid was sending the funds to different wallets to cover their tracks.
$20 million was sent to ETH Mixer, and some parts of it were divided between Binance, Uniswap, Poloniex, etc. Three cryptocurrency exchanges have already frozen the funds from the wallet addresses that they suspect belong to the hackers.
Liquid Exchange first announced the hacking on Thursday. Bitcoin, Ether, ERC20 tokens, TRON, and XRP, were stolen in the breach. To control the breach, Liquid Exchange stalled all withdrawals. They also contacted the Monetary Authority of Singapore to help track down the hackers. On Sunday, Liquid exchange started shifting its user funds to more secure vaults.
This is one of the biggest crypto exchange hacks in recent history. But the biggest hack in crypto history was in 2018 when $500 million was stolen from the Tokyo exchange Coincheck. But because all blockchain data is public, our law enforcement officials, as well as ordinary crypto enthusiasts, can track the way the stolen funds are being moved.
For the Liquid Exchange hack, the ETH trail has been traced to a non-custodial mixer called Tornado.cash, but then the trail for the funds went cold. Law enforcement has now started corroborating real-world data as well as on-chain information to further track down the funds.
Till now, law enforcement believes that around $45 million in stolen Ethereum tokens have been converted into Ether through DEX exchanges like Uniswap and SushiSwap. But the Bitcoin stolen by the hacker seems to not yet have been moved through any exchanges. Law enforcement predicts that the BTC is still in the hacker’s wallet.
Around $1 million of TRON tokens are believed to have been sent to Huobi through four interconnected wallets. Huobi has already restricted the account. Around 3.5 million TRON, though, is still in the hacker’s wallet. $14.5 million worth of XRP was sent by the user to different centralized exchanges like Binance, Huobi, and Phoenix, Most of these addresses are now being blocked to further corner the hackers and track down the stolen funds of many crypto traders.