Suspicious Fund Transfers On Tornado Cash Still Active Despite OFAC Sanctions
Crypto security firm CertiK said on Saturday that it has detected a suspicious fund transfer worth $2.4 million into crypto mixer Tornado Cash. It reports that the transfer is likely related to the $139 million BXH Exchange hack in October 2021. Despite sanctions by the U.S. Treasury’s Office of Foreign Assets Control (OFAC), fund transfers into the crypto mixer continue.
CertiK Detects Suspicious Fund Transfer on Tornado Cash
Crypto security firm CertiK said in a tweet on September 23 that it detected a suspicious fund transfer worth $2.4 million into Tornado Cash. The fund transfer is likely related to the BXH Exchange hack in late October when hackers stole nearly 4,000 ETH worth $139 million.
An externally owned address (EOA), 0x158F5…, executed the privileged function InCaseTokensGetStuck() to withdraw funds from a staking contract on Binance Smart Chain and Avalanche. Thereafter, the address bridged the tokens to Ethereum.
According to CertiK, a Telegram group created by people impacted by the BXH Exchange had earlier disclosed the staking contract that holds the assets and addresses.
The address then swapped the bridged ERC-20 tokens for ETH. In total, 1865 ETH worth over $2.4 million has been deposited into Tornado Cash.
Suspicious fund transfers on Tornado Cash are still active despite the sanctions imposed by the U.S. Treasury’s Office of Foreign Assets Control in August. Recently, an EOA, 0x0B789, transferred 500K DAI to the crypto mixer platform. The fund transfer was related to a DAO Maker exploit.
GitHub Reinstates Tornado Cash in Read-Only Mode
The Tornado Cash code was restored by GitHub in “read-only” mode after clarification from the U.S. Treasury’s Office of Foreign Assets Control (OFAC).
After much criticism from the crypto community, the Office of Foreign Assets Control updated its FAQ section. It states that the imposed sanctions do not prohibit U.S. persons from reading, discussing, teaching, and sharing Tornado Cash’s code. However, the Office of Foreign Assets Control has not removed the outright ban.
“While engaging in any transaction with Tornado Cash or its blocked property or interests in property is prohibited for U.S. persons, interacting with open-source code itself, in a way that does not involve a prohibited transaction with Tornado Cash, is not prohibited.”