Considering the magnitude of funds changing hands in the cryptocurrency market every day, cybercrime and money laundering are abundant, with one of the most infamous such incidents involving the crypto mixing service Tornado Cash (TORN).
As it happens, Tornado Cash has found itself in the midst of a scandal implicating it in the attacks on Ethereum (ETH) blockchain bridges, including Harmony’s Horizon bridge, by the North Korea-sponsored Lazarus Group.
To make things worse for the mixer, new data has come to light that shows that Tornado Cash has so far received 74.7% of the total funds laundered on the Ethereum network, or up to 300,160 ETH, according to the 2022 Mid-Year Blockchain Security and AML Analysis Report by blockchain security firm SlowMist.
As for the rest of the funds, about 24% of them (95,570 ETH) are still in hackers’ wallets, whereas 1.5% (6,250 ETH) have been sent to a trading platform.
Source of the initial funding for the attacks
In addition, the research has also discovered that Tornado Cash accounts for the largest chunk of the initial funding for money laundering incidents on the Ethereum and Bitcoin (BTC) networks.
As per the SlowMist report, the suspicious withdrawals connected to these security incidents also took place from crypto exchanges, certain trading platforms, and even individuals’ personal crypto wallets.
Tornado Cash and its use in money laundering
Notably, Tornado Cash seems to have been used to launder over $7 billion worth of digital assets since its creation in 2019, including the assets stolen by the Lazarus Group, forcing the United States Treasury Department to place sanctions on the mixing service in early August.
That said, the situation that has led to this outcome could get further out of hand as blockchain experts, including a former FBI intelligence analyst, have predicted that the North Korean crypto hacking problem would worsen.
It is also worth mentioning that Tornado Cash was earlier used to move $80 million in digital assets stolen from the Ethereum-based stablecoin protocol Beanstalk Farms in a mid-April flash loan attack, as Finbold reported.