Two wallets linked to the CoinStats exploit from June have moved 311 ETH to Tornado Cash to obfuscate their fund flows. One moved 211 ETH, while the other sent 100 ETH to the mixer, amounting to $959,000.
Crypto mixers like Tornado Cash are used by a wide array of individuals to anonymize their transactions. They prevent the tracking of the origin of funds. While these services are praised for lending privacy (a human right), using them may not comply with anti-money laundering regulations in various jurisdictions. That is because individuals and organizations can use them to cover the tracks of their ill-gotten funds, as proven by the CoinStats hacker.
The CoinStats platform allows users to track their crypto investment portfolios from a single point by connecting their wallets and centralized exchange (CEX) accounts. With so much value to gain, the hacker attacked the platform and managed to siphon funds from about 1.3% of the 1590 wallets on CoinStats. To clarify, the bad actor only accessed wallets natively created on the portfolio tracking platform. External ones and CEX accounts remained untouched.
Nevertheless, the damage was done, with users recording millions in losses. One affected wallet lost about $8.7 million. Wu Blockchain, a crypto news source on X, conveyed the severity of the situation in a post in June: “A wallet belonging to Blurr.eth was stolen from 3,657 MKR ($8.7 million) and sold on the chain by the hacker for 2,482 ETH.”
CoinStats shut down the platform right after the hack to fix its vulnerabilities and was back up on July 3. Its CEO, Narek Gevorgyan, relayed that the incident occurred due to an employee falling for the hacker’s social engineering tactics and downloading malware. “Our AWS infrastructure was hacked, with strong evidence suggesting it was done through one of our employees who was socially engineered into downloading malicious software onto his work computer,” Gevorgyan said.