The hacker responsible for the March 2024 Unizen breach has laundered over $2M using Tornado Cash. According to cybersecurity service Peckshield Alerts, the attacker transferred 865.4 ETH from the exploit wallet, totaling around $2.16M in value.
This activity took place 151 days after the initial $2.1 million hack. The attacker used an 'approve issue' on Unizen's platform. Despite the efforts of the Unizen, the hacker has yet to reply and return the funds.
The laundering procedure began by transferring 2,179,859 DAI to an unknown wallet. The funds were subsequently exchanged for ETH via Uniswap. Finally, the hacker used Tornado Cash in 26 transactions to conceal their activities.
Unizen identified the vulnerability on March 9, 2024. They lost $2.1M in USDT, which they soon converted to DAI. The team offered a 20% bounty for the return of the stolen assets but received no response.
This event demonstrates the persistent security challenges in crypto.