500,000 DAI From DAO Maker Exploit Was Sent Through Tornado Cash, Security Analysts Report

On September 8, the crypto security and smart contract auditing firm Certik revealed that 500,000 DAI was sent through the Tornado Cash mixing platform after the funds were stolen in August 2021. The digital assets originally stemmed from the DAO Maker breach that saw the loss of more than $7 million in ERC20 tokens and stablecoins.

Address Directly Connected to DAO Maker Hack Sends 500,000 DAI Through Tornado Cash

Despite the U.S. government banning the Ethereum-based mixing application Tornado Cash, the application is still used regularly. On Thursday, the crypto security company Certik tweeted at 7:30 p.m. (ET) about the movement of DAI. “We are seeing a movement of 500,000 DAI to Tornado Cash from EOA 0x0B789,” Certik said. “The address is directly connected to the DAO Maker exploiter who stole funds from [the DAO Maker]. Stay safe out there.”

500,000 DAI From DAO Maker Exploit Was Sent Through Tornado Cash, Security Analysts Report
Image shared by Certik on September 8, 2022.

DAO Maker is a crowdfunding decentralized finance (defi) application and is not the same project as Makerdao, the issuer of the stablecoin DAI. The crypto-fueled fundraising protocol DAO Maker was hacked in August 2021, according to an ask-me-anything (AMA) event featuring DAO Maker’s CEO Christoph Zaknun. The hackers were able to siphon $7 million in ERC20 tokens and stablecoins from 5,251 user accounts. At the time, the blockchain firm Cipherblade detailed it was conducting an investigation into the DAO Maker exploit.

In addition to Certik, the crypto security firm Peckshield confirmed that 500,000 DAI stemming from the August 2021 DAO Maker exploit was sent through Tornado Cash. “Peckshield has detected the address labeled as DAO Maker exploiter has transferred 500K DAI to Tornado Cash,” the Peckshield alert system on Twitter noted. It’s been 32 days since the U.S. Treasury Department’s watchdog the Office of Foreign Asset Control (OFAC) banned Tornado Cash.

OFAC’s move to ban Tornado Cash was met with criticism toward the Treasury Department’s decision. The non-profit that focuses on policy issues, Coin Center, said on August 15 that OFAC’s Tornado Cash ban “exceeds statutory authority,” and said the organization planned to “engage” with the Treasury watchdog. Furthermore, Coinbase announced on September 8, that the company is “funding a lawsuit brought by six people challenging the U.S. Treasury Department’s sanctions of the Tornado Cash smart contracts.”

Tags in this story
7 million, Breach, certik, Christoph Zaknun, Coin Center, Coinbase, crypto assets, Crypto Security, crypto security company Certik, DAI, DAI Tornado Cash, DAO Maker, ERC20s, Exploit, Funds, Hack, OFAC, Office of Foreign Asset Control (OFAC), Peckshield, Stablecoins, Tornado cash, Tornado Cash mixing, Treasury watchdog

What do you think about the 500,000 DAI shuffled through the Tornado Cash platform stemming from the DAO Maker project? Let us know what you think about this subject in the comments section below.

Jamie Redman

Jamie Redman is the News Lead at krakow3d.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 6,000 articles for krakow3d.com News about the disruptive protocols emerging today.




Image Credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. krakow3d.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

Read disclaimer