Tornado Cash DAO Attacker Moves Stolen Ethereum

Paigambar Mohan Raj
Source: PCMag Australia

The Tornado Cash DAO Hacker has begun to move the stolen Ethereum (ETH) and Torn (TORN) tokens. On Wednesday night, 100 ether (ETH) and 38,000 torn (TORN) tokens were moved by addresses connected to the hacker. According to Etherscan data, the hacker used the Tornado Cash protocol for the movement.

An unnamed attacker, or attackers, took control of the DAO responsible for the privacy-focused crypto mixer’s operations on Saturday. The hacker also took control of the DAO’s funds and future plans. The attacker continues to have access to potentially all of Tornado Cash’s treasury cash and currently has over 20 ether ($35,684) in their wallet.

A fraudulent proposal was put out by the attacker, hiding a computer function that gave them a fake governance vote. Some components of Tornado Cash, including torn tokens held in the primary governance contract, were accessed using fake votes, and also the stolen Ethereum. The hacker could also withdraw locked torn tokens.

However, the Tornado Cash protocol itself is unaffected by the attack. Moreover, this assault did not take advantage of any smart contracts or other Tornado Cash-related technology.

Tornado Cash users sue the U.S. Treasure amid haker moving stolen Ethereum

Six Tornado Cash users have sued the U.S. Treasury for sanctioning the platform. As per the users, the sanctions violate the First Amendment. The plaintiffs contend that the Treasury lacks the jurisdiction to impose the mixer’s ban. Additionally, they claim that banning Tornado Cash infringes on the First Amendment’s protection of free expression. The individuals used open-source software to protect their privacy. According to the filing, punishing the crypto mixing platform is against US individuals’ fundamental rights.

As per the law which banned Tornado Cash, only a property might be blocked. However, the legal definition of a property is something that can be owned. But no one is able to own, manage, or alter the privacy-focused software. Founders, developers, and those who just so happen to have TORN in their wallets cannot alter or control the platform.

Last year, the US Treasury imposed restrictions on Tornado Cash under the pretext that the firm was being used to finance terrorism and enable money laundering.