TempleDAO Hacked Funds Deposited to Tornado Cash

The TempleDAO exploiter transferred stolen funds to the privacy protocol’s smart contract, according to Etherscan data

by Shalini Nagarajan /
article-image

Source: DALL·E

share

key takeaways

  • Hack amounted to 4% of TempleDAO’s assets
  • Tornado Cash is a sanctioned entity in the US, meaning individuals there are prohibited from dealing with the mixer

A hacker who exploited DeFi protocol TempleDAO used sanctioned crypto mixer Tornado Cash to move their stolen funds.

Earlier this month, the yield-farming protocol was exploited for 1,831 ETH (around $2.34 million). All funds were moved to a new wallet

Etherscan data shows about the same amount of ether was transferred from the hacker’s identified address to a Tornado Cash router on Sunday. The move will obfuscate the destination of the stolen funds. The protocol’s immutable smart contracts are capable of providing privacy for criminals as well as lawful users.

Blockchain investigator PeckShield first noted the exploiter’s use of the crypto mixer.

Loading Tweet..

The transfers began with 0.1 ether, followed within minutes by multiple other transactions worth 100 ether each.

Tornado Cash acts as a cryptoasset mixer, making it extremely difficult to trace precisely the origin of funds withdrawn. It was added to the US Treasury’s sanctioned list of “Specially Designated Individuals” in August, prohibiting people in the country from dealing with the service. 

The Treasury’s primary concern was the mixer’s role in laundering over $455 million worth of cryptoassets stolen by the North Korean hacking group Lazarus. 

Before TempleDAO’s exploit, the protocol’s total value locked stood at about $57 million, according to DeFiLlama. The attack amounted to about 4% of its assets. Security firm BlockSec said the root cause behind it was insufficient access control to a specific function in the affiliated Stax Finance smart contract. 

October marks the highest value of crypto hacked all year

October has so far turned out to be a record month for hacking activity, with stolen funds amounting to $718 million across 11 different DeFi protocols, according to Chainalysis.

The $100 million exploit of Binance’s BNB chain and the $112 million extracted from Mango Markets took place in the last two weeks  — and the month is only half over.

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Tags

Upcoming Events

Permissionless III

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

learn more

recent research

Research report HL cover.jpg

Research

Hyperliquid Deep Dive: The Future of Perp DEXs

It's increasingly apparent that orderbooks represent the most efficient model for perpetual trading, with the primary obstacle being that the most popular blockchains are ill-suited for hosting a fully onchain orderbook. Hyperliquid is a perpetual trading protocol built on its own L1 that aims to replicate the user experience of centralized exchanges while offering a fully onchain orderbook.

by Carolina

/

news

article-image

Web3

Empire Newsletter: Unpacking the Consensys legal salvo

Consensys filed a lawsuit against the SEC in a Texas court on Thursday

by Michael McSweeney&Casey Wagner&David Canellis&Katherine Ross /
article-image

Business

A bitcoin mining giant is ahead of schedule on its post-halving expansion

Marathon Digital’s hash rate target of 50 EH/s by the end of 2025 may be achieved a year sooner than expected, CEO says

by Ben Strack /
article-image

DeFi

Algorand courts Python devs in ‘seismic change’

The Algorand Foundation touts the network as first to go after pool of 10 million global developers

by Macauley Peterson /
article-image

DeFi

MapMetrics ditches Solana blockchain for peaq

Drive-to-earn DePIN project MapMetrics will slowly transition to the peaq blockchain

by Bessie Liu /
article-image

Policy

SEC seeks to regulate ETH as a security, Consensys alleges in lawsuit

The suit, filed in a Texas court, alleges a regulatory overreach by the SEC

by Katherine Ross /
article-image

Business

Stripe to bring back crypto payments in the next few months

This is the first crypto-centric announcement from Stripe since May of last year

by Katherine Ross /