- Bitrue hacker resurfaces after a year, laundering millions through Tornado Cash mixer
- Hot wallet risks reignite after Bitrue and KiloEX hacks shake crypto industry trust
- Blockchain analysts trace Bitrue hacker’s moves as laundered funds re-enter Ethereum markets
The hacker behind the $23 million Bitrue exchange breach has resurfaced, moving and laundering a significant portion of the stolen crypto after lying low for nearly a year.
Blockchain analytics firm Onchain Lens reported that the attacker recently offloaded $2.88 million worth of Shiba Inu (SHIB) and Holo (HOT) tokens to acquire 1,511 ETH at an average price of $1,911 per ETH.
Following the conversion, the hacker laundered 1,050 ETH—approximately $1.89 million—through Tornado Cash, a decentralized crypto mixer known for obfuscating fund flows. Despite the transactions, the attacker still controls roughly 5,111 ETH and 16.34 million DAI stablecoins, split across two wallets: 0xe2b5…3ed5 and 0x5026…ca97.
Related: Bybit’s Ben Zhou Provides Update on $1.4 Billion Hacked ETH/BTC Whereabouts
Hot Wallet Vulnerabilities Reignite Security Concerns
The hacker’s renewed activity has rekindled concerns around security practices at centralized exchanges, particularly the risks posed by hot wallets connected to the internet.
Hot wallets offer fast access for trading but remain more exposed to breaches compared to cold storage solutions.
Related: Hacker Mints, Steals $5M ZK Using Admin Key for Old ZKsync Airdrop
Bitrue’s 2024 Hack: A Recap
Singapore-based trading platform Bitrue disclosed the breach in April 2024, admitting an attacker drained approximately $23 million from one of its hot wallets. Stolen assets included Ethereum (ETH), Polygon (MATIC), Shiba Inu (SHIB), Quant (QNT), Gala (GALA), and Holo (HOT).
At the time, Bitrue assured customers that the compromised wallet accounted for less than 5% of total funds and that affected users would be fully reimbursed. However, the breach tarnished Bitrue’s reputation, especially considering the platform had already suffered a $5 million hack in 2019.
In March 2024, the attacker offloaded 4,207 ETH for approximately 1,634.5 DAI each, realizing a selling price around $3,885 per ETH, significantly higher than current market conditions.
Today’s sale of the remaining SHIB and HOT to acquire additional ETH appears to be part of a slow but methodical laundering strategy.
KiloEX Breach Highlights Growing DEX Security Risks
Meanwhile, decentralized exchanges (DEXs) are facing their own vulnerabilities. Just days ago, KiloEX, a decentralized exchange operating on the BNB Chain and opBNB, suffered a $7 million exploit due to a flaw in its oracle system.
The hacker manipulated KiloEX’s price feed, buying undervalued tokens and selling them at inflated prices before draining the platform’s liquidity.
As hackers become increasingly sophisticated in exploiting technical flaws and laundering stolen funds, industry players face mounting pressure to fortify their defenses and rebuild user trust.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
