According to cybersecurity firm PeckShield, the hacker who exploited liquidity provider TrustedVolumes for $6.7 million on May 7 has begun actively laundering stolen funds. The attacker has laundered $278,000 so far, depositing 10.2 ETH ($23,600) to TornadoCash and routing 110 ETH ($250,000) via THORChain to Bitcoin; they also attempted to deposit 0.5 ETH to Railgun but reversed the transaction.
Blockchain security firm QuillAudits attributed the exploit to a design flaw in TrustedVolumes’ custom order-settlement system, where three security guarantees—maker authorization, replay protection, and token source verification—failed simultaneously, allowing the attacker to drain millions in a single transaction. TrustedVolumes has expressed willingness to negotiate a resolution with the hacker.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Aurellion Labs Loses $456K on Arbitrum Due to Diamond Proxy Contract Flaw
According to GoPlus, decentralized shipping project Aurellion Labs was exploited recently due to an initialization vulnerability in its Diamond proxy contract on Arbitrum, resulting in a loss of $456,000. The project has temporarily suspended related
GateNews1h ago
Kelp DAO and Aave to Resume rsETH Operations; 117,132 rsETH to Be Progressively Refilled Over Two Weeks
According to Kelp DAO, on Tuesday the protocol announced it will resume rsETH operations in the coming days following the April 18 exploit that resulted in a $292 million loss. Kelp will progressively refill 117,132 rsETH—the amount stolen—from its Recovery Safe into the LayerZero OFT adapter on
GateNews1h ago
The Ethereum Foundation rolls out the Clear Signing security feature, with Ledger adopting it first
According to CoinTelegraph’s May 13 report, the Ethereum Foundation announced on Tuesday that the Clear Signing (plain-text signing) security feature released by the Ethereum community has been officially integrated into crypto platforms including Ledger, Trezor, MetaMask, Keycard, WalletConnect, Argot, and Fireblocks. Ethereum Foundation statement and background on blind-signing attacks In a Tuesday statement, the Ethereum Foundation said: “Approving transactions is supposed to be the last line
MarketWhisper2h ago
A Telegram username sold for a million-dollar price triggers a forged USDT phishing attack
According to Bits.media, reported on May 13, multiple Telegram usernames and virtual vanity numbers were sold on the Fragment auction platform at record-high TON token prices; within a few hours after the trades, the attacker launched a forged USDT attack on users of the TON blockchain NFT trading platform Getgems. A Chinese collector reportedly lost more than $800k in a virtual-number code. Fragment Platform Vanity Number Deal Records According to Bits.media, the major completed deals on the Fr
MarketWhisper5h ago
Telegram Usernames Sell for Record $2.1 Million in TON, Followed by Phishing Attacks
According to Bits.media, Telegram usernames and premium numbers sold for record-high prices in TON tokens on May 13, with @danbao fetching 1.58 million TON (approximately $2.1 million) from an anonymous buyer last weekend, marking the platform's highest transaction. Other premium numbers
GateNews6h ago
Aave and Kelp Complete First Step of rsETH Recovery, Destroy 117,132 rsETH on Arbitrum
According to ChainCatcher, Aave and Kelp have completed the first phase of their rsETH recovery plan, destroying attacker-held rsETH on Arbitrum. Over the coming days, the parties will gradually replenish funds to LayerZero's OFT adapter and phase in the restart of rsETH operations, with 117,132 rsE
GateNews7h ago
