Hackers Are Now Turning to Centralized Exchanges as a Means to Finance Cryptocurrency Attacks


Concern over the quantity of cryptocurrency hackers funding their attacks through centralized exchanges is growing.

Stay in the know on crypto by frequently visiting Crypto News Today

Hackers must first fund their wallets in order to pay the transaction fees required to launch attacks. But since a public ledger is transparent, they must carefully consider how to accomplish this without becoming associated with the crime.

Tornado Cash was once the go-to method for erasing evidence, utilized by both privacy advocates and hackers.

CryptoCaster Quick Check:

It now seems that hackers frequently choose to fund their accounts by avoiding the know-your-customer (KYC) processes of exchanges.

According to an analysis of funding sources for recent attacks conducted by blockchain monitoring company Forta Network, Tornado Cash—the hacker’s preferred method of payment—now accounts for just under half of the hacks that were examined, with centralized exchanges (CEXs) providing funds in a third of the cases.


Additional funding sources included the 3.3% share from cross-chain swaps via Squid router, the 6.7% share from “middleware operations software” UnionChain and the innovative privacy tool Railgun.

The addresses in the dataset were used in 30 recent flash-loan attacks, such as the complex $48 million hack of the decentralized exchange KyberSwap in November, the simultaneous attacks on the Arbitrum projects Gamma Strategies and Radiant Capital, and the successful $1 million governance attack on the NFT project Loot last month.

The US Treasury imposed sanctions on the cryptocurrency mixing service in August 2022, which made it more difficult for hackers to cash out even though Tornado Cash is still the main source of funding for on-chain hacks.

When converting any illicit gains to fiat currency, addresses that have come into contact with any “tainted” funds from the mixer are typically flagged by exchanges following the sanctions, making it a bad option.

According to a recent article from 404 Media, the author passed KYC checks on OKX, the funding source of one of the attacks Forta investigated, using a $15 AI-generated fake ID from the website OnlyFake.

With the help of these AI tools, hackers can create a completely new person along with all of their accompanying documentation without having to buy “fullz” or stolen credentials on the darknet.

The high percentage of exchange-funded attacks demonstrates how simple it has become to get around KYC, a trend that is probably going to continue as more people use tools of a similar nature.

The hackers may feel somewhat safer leaving less of a trail on-chain even though they still run the risk of the CEX blocking their funds.

Although evading legitimate KYC checks could be a challenge for the cryptocurrency sector in terms of on-ramping hackers, the issue is certain to impact numerous other industries as well. Paradoxically, the technology that underpins cryptocurrencies—cryptographic proofs—may be the answer to these kinds of problems down the road.

For the time being, there are valid questions regarding the degree to which exchanges take their responsibility and the effectiveness of their KYC procedures.CRYPTOCASTER® - DECENTRALIZED FREEDOM!

We hope you appreciated this article. Before you move on, I was hoping you would consider taking the step of supporting CryptoCaster’s journalism. 

From  Elon Musk, Larry Fink(BlackRock) to Jamie Dimon(JP Morgan Chase) a number of billionaire owners have a powerful hold on so much of the hidden agendas’ which eludes the public concerning the paradigm shift juxtaposed by cryptocurrency and web3 emerging technologies. CryptoCaster is different. We have no billionaire owner or shareholders to consider. Our journalistic efforts are produced to serve the public interest in crypto development and institutional disruptions – not profit motives.

And we avoid the trap that befalls much U.S. and global media – the tendency, born of a desire to please all sides, to engage in false equivalence in the name of neutrality and retail consumer protection. While fairness and transparency dictates everything we do, we know there is a right and a wrong position in the fight against fiat global banking interest and monetary reconstruction precipitated by the emerging crypto ecology.

When we report on issues like the FTX, Binance and Ripple crisis, we’re not afraid to name who or what is uncovered. And as a crypto sentinel, we’re able to provide a fresh, outsider perspective on the global monetary disruption – one so often missing from the insular American and European media bubble. 

Around the world, readers can access the CryptoCaster’s paywall-free journalism because of our unique reader-supported model. That’s because of people like you. Our readers keep us independent, beholden to no outside influence and accessible to everyone – whether they can afford to pay for news and information, or not.

We thankyou for the on-going support our readers have bestowed monetarily. If you have not considered supporting CryptoCaster, if you can, please consider supporting us just once from $1 or more of Bitcoin (satoshi) or Eth, and better yet, support us every month with a little more. Scroll further down this page to obtain CryptoCaster’s wallet addresses.

Thank you.

Kristin Steinbeck
Editor, CryptoCaster

Please Read Essential Disclaimer Information Here.
© 2024 Crypto Caster provides information. does not provide investment advice. Do your research before taking a market position on the purchase of cryptocurrency and other asset classes. Past performance of any asset is not indicative of future results. All rights reserved.

Contribute to CryptoCaster℠ Via Metamask or favorite wallet. Send Coin/Token to Addresses Provided Below.
Thank you!
BTC – bc1qgdnd752esyl4jv6nhz3ypuzwa6wav9wuzaeg9g
ETH – 0x7D8D76E60bFF59c5295Aa1b39D651f6735D6413D
MATIC – 0x7D8D76E60bFF59c5295Aa1b39D651f6735D6413D
LITECOIN – ltc1qxsgp5fykl0007hnwgl93zr9vngwd2jxwlddvqt


You may also like