The attacker, who hacked the KuCoin cryptocurrency exchange in September, sent some of the bitcoins through the Wasabi wallet with the possibility of mixing. This was noticed by user Ergo from OXT Research.
According to his observations:
322 BTC went through the ChipMixer mixing service;
288 BTC partially mixed in the anonymous wallet Wasabi and another 245 BTC, in his opinion, can go through this path.
Wasabi Wallet is an open source non-custodial Bitcoin wallet focused on user privacy. Its main feature is the use of Chaumian CoinJoin technology - a trustless coin mixing (shuffling) mechanism with mathematically provable anonymity.
The researcher discovered that some of the stolen funds that did not go through this procedure were transferred to four new P2SH addresses. OXT Research analyst believes that they can be used in subsequent actions of hackers, if the funds on them are not mixed in the future.
Analysts noticed that before sending funds to Wasabi, the attackers included unspent transaction outputs (UTXOs) from the Hydra darknet marketplace into the peel chains (literally, layered chains) scheme.
A similar algorithm was used by two residents of China, accused of involvement in hacking cryptocurrency exchanges and links with the hacker group Lazarus, working in the interests of North Korea.
At the end of September, KuCoin reported about unauthorized withdrawals from hot bitcoin wallets, ERC-20 tokens and others. The damage amounted to more than $ 280 million.
Later, the KuCoin exchange was able to identify the suspects in the hacking and block some of the stolen funds with the help of partners.
To withdraw funds, the hackers used the Uniswap exchange and the Tornado Cash mixer.
Posted Using LeoFinance Beta