The alleged perpetrators of the $6 million attack on decentralized finance lending protocol Lendhub have just sent over half of their ill-gotten January profits to cryptocurrency mixer Tornado Cash.
Blockchain security firms PeckShield and Beosin alerted their respective supporters to the movement of funds on February 27, noting that Around 2,415 Ether (ETH), valued at about $3.85 million, were sent to Tornado Cash from a wallet connected to the January 12 exploit.
#PeckShieldAlert ~2,415.4 $ETH (~3.85M) into Tornado Cash from @LendHubDefi exploiters
LendHub was exploited, and $6M worth of cryptos was stolen from its protocol on Jan. 12. https://t.co/vDxHlTgR0o pic.twitter.com/8FZY3v2Fe3— PeckShieldAlert (@PeckShieldAlert) February 27, 2023
#PeckShieldAlert ~2,415.4 ETH (~$3.85 million) arrived in Tornado Cash from @LendHubDefi exploiters. LendHub was exploited, and $6 million worth of cryptocurrency was stolen from its protocol on January 12.
PeckShield previously reported that the LendHub exploit was the biggest in January; USD 6 million was stolen from the protocol.
The on-chain intelligence company Beosin tweeted that the latest movement means a total of 3,515.4 ETH, currently valued at over $5.7 million, has been sent to Tornado Cash by the exploiter since January 13.

Tornado Cash is a cryptocurrency mixing service that attempts to anonymize Ethereum transactions by combining large amounts of Ether before depositing the sums to other addresses.
The service was sanctioned on August 8 by the US Office of Foreign Assets Control (OFAC) for its alleged role in laundering money from criminal activities.
Despite the sanctions and the closure of the service’s website, Tornado Cash continues to function and be used as it is a smart contract hosted on a decentralized blockchain.
A January report from blockchain analytics firm Chainalysis said that hacks and scams once contributed to about 34% of all inputs to the mixer and that inputs at times reached around $25 million a day, but that they dropped by 68% in the 30 days following the sanctions.
Bad actors in the sector continue to frequent the service. Recently, On February 20, the operator of an Arbitrum-based DeFi project transferred more than $1.86 million in ill-gotten cryptocurrency to Tornado Cash.
The well-known group of North Korean hackers Lazarus Group often sends large sums of money to mixers like Tornado Cash and Sinbad.
A Chainalysis report from early February claimed that exploited funds from North Korean hackers “are moving to mixers at a much higher rate than funds stolen by other individuals or groups.”
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information presented here should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Keep reading:
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the entire amount invested may be lost. The services or products offered are not directed or accessible to investors in Spain.