The hacker behind the recent WazirX India breach remains active, transferring 5,000 ETH (approximately $11.4 million) to a new address.
According to blockchain data, the hacker has already deposited $9.9 million of that amount into Tornado Cash, a decentralized privacy platform, while still holding $1.38 million in their wallet.
🚨UPDATE🚨Another busy day for @WazirXIndia hacker!
Hacker has transferred 5K $ETH (~$11.4M) to a new address: https://t.co/C7N2w4JiiD and already deposited $9.9M to @TornadoCash ! and still holds $1.38M!Want to keep your company off our alerts radar? Learn how to secure your… https://t.co/dfWSO4cpcb pic.twitter.com/DdwtkdD5P8
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) September 16, 2024
In a startling revelation, a co-founder of Crypto India has suggested that one of the wallets involved in the WazirX hack was funded through a Binance KYC (Know Your Customer) account. The discovery was made after tracing the hacker’s wallet back to its original funding sources. One of these wallets received 9.19 ETH from a Binance KYC account and an additional 3.8 ETH from another active wallet.
One of the Wallets involved in Wazirx Hack was funded by Binance KYC Account.
How do we know this ?
I tracked one of the wallet which was involved in the Wazirx hack and went on to track from where it got funded.
Which lead me to final Wallet which received 9.19 ETH from… pic.twitter.com/9HQktZB8dA
— Aditya Singh (@CryptooAdy) September 15, 2024
This has raised questions about whether the hacker used a purchased or compromised KYC account to fund their activities. It’s not uncommon for hackers to exploit such methods to obscure their tracks. In fact, similar tactics were used in the WazirX India breach, where the hacker allegedly bought KYC-verified accounts to facilitate fund transfers.
This method of buying KYC accounts is a known practice among cybercriminals, allowing them to bypass identification procedures that would normally trace illicit activity back to them. Given that some of the funds came from a Binance KYC account, it’s critical to investigate further to determine if the hacker obtained and used a legitimate account or simply purchased it.
As the investigation unfolds, more details may emerge about the hacker’s activities and the potential vulnerabilities in the KYC processes on major exchanges like Binance.
Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.
Follow us on Twitter @themerklehash to stay updated with the latest Crypto, NFT, AI, Cybersecurity, and Metaverse news!