Tornado Cash Enables 29M Transfer as Crypto Hack Warning Hits PancakeBunny

The individual responsible for the PancakeBunny project exploit has resurfaced, using Tornado Cash to transfer large sums of stolen funds. After being inactive for a period of time, the exploiter, who caused a $45 million loss in May 2021, has caught the attention of the crypto community.

In a recent update, the exploiter sent 1002 ETH, equivalent to $2.9 million, through Tornado Cash, a popular platform known for concealing transaction details. The transaction was brought to public attention by CertiK Alerts, a security firm. The funds were transferred through the wallet address 0xd0f2259e0bd71e849143bbc07f4e427bb6f7756b.

To recap the Bunny Finance exploit, the PancakeBunny attack in May 2021 resulted in users losing approximately $45 million. The attack was executed through a flash loan, with the attacker manipulating the price of BUNNY tokens using a substantial amount of assets from PancakeSwap.

The exploiter’s actions included price manipulation through flash loan attacks, artificially inflating the price of BUNNY tokens. Subsequently, the attacker sold the inflated tokens on the market, causing the price to plummet close to zero and making off with a significant portion of the profits.

Despite transferring a substantial portion of the stolen funds, the exploiter still holds $11.4 million in DAI in the wallet address 0x820C.

This case highlights the role of Tornado Cash in obfuscating the origins of lost funds, as well as the challenges faced by regulators and security experts in tracing and recovering stolen cryptocurrency. While Tornado Cash can be used by individuals for privacy protection, it is also exploited by cybercriminals for money laundering purposes.

Read Also:
Notorious Pink Drainer Falls Victim to $30,000 Address Poisoning Scam