Bitrue Hacker Launders $30 Million Using Tornado Cash

Ali Raza
Last Updated:

Please note that we are not authorised to provide any investment advice. The content on this page is for information purposes only.

A crypto hacker who stole $23 million during the April 2023 attack on Bitrue has finally resurfaced, more than two years after the incident. This time, the hacker attempted to use a popular crypto mixer, Tornado Cash, to launder the stolen funds.

Blockchain analysts commented on the move, stating that the individual behind the attack has cycled more than $30 million worth of ETH using the sanctioned mixer, while turning a profit along the way.

The Hacker Earned Over $9 Million From The ETH Price Recovery

Crypto analytics company EmberCN looked into the matter, noting that the attacker had sold the stolen Ethereum shortly after the 2023 exploit, only to then re-enter the market when the price dropped to $1,472 in April.

Now that the ETH price has surged above $2,800 again, the hacker has been consolidating gains, and they used Tornado Cash to cover their tracks. Estimates say that the price swing allowed the attacker to net a profit of nearly $9.37 million.

On-chain data from Debank and Etherscan has confirmed that all of the stolen funds have gone through Tornado Cash, with the hacker making large deposits over the last several weeks. Most recently, there was another surge in activity this Thursday, which pointed to a long-running laundering strategy.

A portion of the funds was also sent to HyperLiquid, a decentralised derivatives platform. According to analysts, the hacker may be attempting to engage in leveraged trading, or they might be trying to add an extra layer of obfuscation to conceal the funds.

What Happened During The 2023 Attack? 

During the attack in April 2023, the hacker targeted the vulnerability in one of the platform’s hot wallets. They managed to leave Bitrue with stolen ETH, SHIB, HOT, and several other tokens before the exchange realised what was going on and halted withdrawals.

The platform conducted an internal security review to establish what happened and how the hacker got access to the funds, and it promised to cover user losses. It said that it remained solvent, although the attacker’s identity was never confirmed, and none of the stolen funds were ever recovered.

About Ali Raza PRO INVESTOR

Ali is a professional journalist with experience in Web3 journalism and marketing. Ali holds a Master's degree in Finance and enjoys writing about cryptocurrencies and fintech. Ali’s work has been published on a number of leading cryptocurrency publications including Capital.com, CryptoSlate, Securities.io, Invezz.com, Business2Community, BeinCrypto, and more.