Concern over the quantity of cryptocurrency hackers funding their attacks through centralized exchanges is growing.
Stay in the know on crypto by frequently visiting Crypto News Today
Hackers must first fund their wallets in order to pay the transaction fees required to launch attacks. But since a public ledger is transparent, they must carefully consider how to accomplish this without becoming associated with the crime.
Tornado Cash was once the go-to method for erasing evidence, utilized by both privacy advocates and hackers.
CryptoCaster Quick Check:
It now seems that hackers frequently choose to fund their accounts by avoiding the know-your-customer (KYC) processes of exchanges.
According to an analysis of funding sources for recent attacks conducted by blockchain monitoring company Forta Network, Tornado Cash—the hacker’s preferred method of payment—now accounts for just under half of the hacks that were examined, with centralized exchanges (CEXs) providing funds in a third of the cases.
Additional funding sources included the 3.3% share from cross-chain swaps via Squid router, the 6.7% share from “middleware operations software” UnionChain and the innovative privacy tool Railgun.
The addresses in the dataset were used in 30 recent flash-loan attacks, such as the complex $48 million hack of the decentralized exchange KyberSwap in November, the simultaneous attacks on the Arbitrum projects Gamma Strategies and Radiant Capital, and the successful $1 million governance attack on the NFT project Loot last month.
The US Treasury imposed sanctions on the cryptocurrency mixing service in August 2022, which made it more difficult for hackers to cash out even though Tornado Cash is still the main source of funding for on-chain hacks.
When converting any illicit gains to fiat currency, addresses that have come into contact with any “tainted” funds from the mixer are typically flagged by exchanges following the sanctions, making it a bad option.
According to a recent article from 404 Media, the author passed KYC checks on OKX, the funding source of one of the attacks Forta investigated, using a $15 AI-generated fake ID from the website OnlyFake.
With the help of these AI tools, hackers can create a completely new person along with all of their accompanying documentation without having to buy “fullz” or stolen credentials on the darknet.
The high percentage of exchange-funded attacks demonstrates how simple it has become to get around KYC, a trend that is probably going to continue as more people use tools of a similar nature.
The hackers may feel somewhat safer leaving less of a trail on-chain even though they still run the risk of the CEX blocking their funds.
Although evading legitimate KYC checks could be a challenge for the cryptocurrency sector in terms of on-ramping hackers, the issue is certain to impact numerous other industries as well. Paradoxically, the technology that underpins cryptocurrencies—cryptographic proofs—may be the answer to these kinds of problems down the road.
For the time being, there are valid questions regarding the degree to which exchanges take their responsibility and the effectiveness of their KYC procedures.
We hope you found this article insightful. Before you go, please consider supporting CryptoCaster’s independent journalism.
In the world of media owned by billionaires like Elon Musk, Larry Fink (BlackRock), and Jamie Dimon (JP Morgan Chase), influence over narratives surrounding cryptocurrency and Web3 often reflects their interests. CryptoCaster is different. With no billionaire backers or shareholder obligations, we are committed solely to public interest journalism, covering crypto advancements and institutional changes without profit-driven motives.
Unlike much of mainstream media, which can fall into neutrality traps that obscure the real impacts on retail investors, we’re guided by transparency and integrity. We are unafraid to take a stand in the ongoing struggle against fiat banking dominance and in support of the monetary innovation driven by crypto and Web3. Reporting on issues like FTX, Binance, and Ripple, we bring a bold, unfiltered outsider’s view on global financial disruption—free from the constraints of traditional media narratives.
CryptoCaster remains paywall-free, accessible to everyone, thanks to the support of readers like you. Your contributions keep us independent and help ensure that critical information on the crypto landscape reaches all. If you value our work, please consider supporting us with a one-time contribution starting at just $1 in Bitcoin or Ether, or even monthly if you’re able. Scroll down to find our wallet addresses and help keep CryptoCaster independent and thriving.
Thank you for your support,
Kristin Steinbeck
Editor, CryptoCaster
Please Read Essential Disclaimer Information Here.
© 2024 Crypto Caster provides information. CryptoCaster.world does not provide investment advice. Do your research before taking a market position on the purchase of cryptocurrency and other asset classes. Past performance of any asset is not indicative of future results. All rights reserved.
Contribute to CryptoCaster℠ Via Metamask or favorite wallet. Send Coin/Token to Addresses Provided Below.
Thank you!
BTC – bc1qgdnd752esyl4jv6nhz3ypuzwa6wav9wuzaeg9g
ETH – 0x7D8D76E60bFF59c5295Aa1b39D651f6735D6413D
CRYPTOCASTER HEATMAP