Hackers Exploit Crypto Market Crash to Purchase Ethereum with Stolen Funds

Key Takeaways

  • Cyber criminals involved in the 2022 Nomad cross-chain bridge exploit bought 16,892 ETH using stolen DAI tokens.
  • The purchase coincided with a 20% drop in Ether's value over 12 hours.
  • The hackers began transferring the newly acquired Ether to the mixing platform Tornado Cash.

Cyber thieves took advantage of the crash in the cryptocurrency market on Monday to purchase a significant amount of Ethereum (ETH), likely aiming to maximize their gains from the stolen funds.

The Nomad Hacker’s Ethereum Purchase and Recent Developments

On August 5, hackers behind the Nomad bridge exploit used 39.75 million stolen Dai (DAI) tokens to acquire 16,892 Ether (ETH), as reported by blockchain analytics firm Lookonchain.

This strategic move by the hackers coincided with a sharp decline in Ether’s value, which plummeted over 20% within 12 hours, dropping from approximately $2,760 to $2,172. 

ETH Plummets over 20% in 12 hours/ Source: TradingView

Shortly after acquiring the Ether, the hackers began transferring the assets to the crypto mixer Tornado Cash. 

As reported by PeckShield, the Nomad exploiter initially transferred a small amount (17.75 Ether) to an intermediary address, followed by a larger transfer of approximately 2,400 Ether, valued at around $7 million, to Tornado Cash for further obfuscation.

Recall that the original Nomad bridge hack occurred on August 2, 2022, and resulted in the theft of around $200 million, making it one of the most notable blockchain bridge hacks.

Paradigm researcher Sam CZ Sun explained that the breach was due to a flaw in the bridge’s smart contract, allowing hackers to systematically drain the bridge’s funds across multiple transactions.

Challenges Emerging from Crypto Mixing and Related Incidents 

The use of crypto-mixing services like Tornado Cash presents significant challenges for law enforcement and regulatory bodies in their efforts to combat money laundering and other cryptocurrency-related crimes. 

While these services offer privacy to legitimate users, they have become a double-edged sword, frequently utilized by hackers to launder stolen funds. The difficulty in tracking mixed funds hampers efforts to recover stolen assets and hold perpetrators accountable.

In a similar incident, funds connected to the 2021 Pancake Bunny hack were also used to purchase Ether during the market drawdown.

Recall that the Pancake Bunny hacker also recently used Tornado Cash to siphon $2.9 million worth of Ether. The Pancake Bunny protocol, a decentralized finance platform on the BNB Smart Chain, had previously fallen victim to a flash loan attack.

In this instance, 3.6 million DAI connected to the Pancake Bunny exploit was mistakenly sent to a DAI stablecoin address, emphasizing the potential for errors when handling stolen or misdirected funds in cryptocurrency transactions.