Less than a week after exploiting the leading cryptocurrency derivatives exchange Deribit, the attacker started moving the stolen funds.
As of November 5, the hacker had moved 1,610 Ether (ETH) worth over $2.5 million to the U.S.-sanctioned crypto mixer Tornado Cash, leaving a balance of about 7,501 ETH in the address.
On November 2, CryptoPotato reported that Deribit lost $28 million in a hot wallet exploit. The hacker made away with crypto assets such as Bitcoin (BTC), ETH, and USD Coin (USDC).
The exchange was forced to pause withdrawals and deposits as it tried to control the situation by conducting security checks. Deribit told users that all losses would be covered by its reserves and not the insurance fund, assuring them that clients’ assets, including those in cold storage, were unaffected.
The platform resumed activities that same day after migrating all hot wallets to crypto custodian Fireblocks. The exchange also instructed users to refrain from sending funds to their previous BTC, ETH, and USDC addresses, as they could be exploited again. Users were asked to use Fireblocks deposit addresses instead.
Deribit Stolen Funds on the Move
Two days later, the hacker started moving the funds to Tornado. According to data from Ethereum block explorer Etherscan, the attacker moved 1,610 ETH in 17 transactions, 16 with 100 ETH and one with 10.
The attacker initially transferred 9,080 ETH to the depositing address on the day of the exploit. The wallet address held 7,501 ETH worth over $11.8 million at press time.
Hackers Not Relenting
Deribit’s exploit happened just after October finished with a record $650 million loss from 44 hacks affecting 53 DeFi projects.
Hackers seem relentless as they dig deep into crypto platforms and smart contracts to exploit vulnerabilities. Barely a week into November, over $30 million has been stolen from crypto projects, including Skyward Finance.