The attacker behind last week’s exploit of decentralized-finance (DeFi) protocol TempleDAO has moved the entirety of the illicitly gained proceeds to privacy mixer Tornado Cash over multiple transactions in the past 24 hours.
Temple DAO, which allows its users to earn yields on their crypto holdings, was one of the several platforms hacked in a single day last week, in a month that’s now slated to become the worst ever for crypto hacks.
Addresses connected to the exploiter tagged as “TempleDAO Exploiter” on the blockchain scanning tool Etherscan show the stolen funds were transferred over the weekend to wallet address 0x2b63d4a3b2db8acbb2671ea7b16993077f1db5a0.
In late Asian hours on Sunday, those funds were moved to Tornado Cash in batches of 100 ethers each. The attacker was ultimately able to move 1,921 ethers through 21 different transactions, data shows. At current prices, that ether is worth more than $2.5 million.
Tornado Cash, which has been sanctioned by the U.S. government, enhances the privacy of transactions by breaking the on-chain link between a source and a destination address. That allows exploiters and hackers to mask their addresses while withdrawing illicitly gained funds.
Blockchain security company BlockSec said last week that the root cause of the attack was “insufficient access to control to the migrateStake function” on smart contracts related to TempleDAO.
That function automatically distributes yield rewards to a user's wallet in case of a contract migration.
