About two years after AnubisDAO was rug-pulled for 13.5K ETH, the funds have been moved via Tornado Cash, a decentralized protocol that enhances the privacy of on-chain activities. The dog-inspired decentralized finance project’s funds were drained in October 2021 after only 20 hours of the project going live.
Etherscan showed that the funds moved on Tornado Cash between July 15 and 16, as PeckShieldAlert reported. The address, still holding funds from the rug pull, moved them in 100 ETH each transaction.
The recent incident marked the second time the funds had been moved from the account since AnubisDAO was drained. In June last year, the same address moved 1,097 ETH ($1.3 million) to another address and laundered 1,018 ETH ($1.18M) through Tornado Cash.
AnubisDAO rug pull saga
Initially, when AnubisDAO’s funds were drained, it was suspected to be a phishing attack. However, Crypto Twitter began speculating on being a rug pull since the Twitter account associated with the suspect’s address, @Beerus, was deleted after the funds were stolen.
The alleged account owner, however, later tweeted from a different account and published an image of an email that they claimed had a malicious PDF attachment. According to the tweet, the individual in question may have compromised his private keys by opening the file, giving the exploiter access to the money generated during the token sale.
According to one of the DAO leaders, @0xSisyphus, it was a mistake to give one developer full control of the liquidity pool. Later on, Sisyphus revealed that the suspect developer went to the Hong Kong police and filed a report. In addition, real-world data on the identity of Beerus was being investigated and would be released. However, it has since never been revealed. In a now-deleted post, the leader even promised 1,000 ETH to anyone who could locate the owner of the address who emptied the pool.
Tornado Cash has seen increased use by crypto hackers
Hackers and cryptocurrency scammers are becoming increasingly accustomed to using Tornado Cash. In March of this year, over $600 million in ether was stolen from the well-known P2E game Axie Infinity in one of the biggest cryptocurrency breaches in history, which is thought to have been carried out by hackers for the North Korean government. Later, the criminals used Tornado Cash to launder about $100 million.
According to cybersecurity threat researcher Arda Akartuna of blockchain tracking company Elliptic, about a third of the $3.5 billion that has moved via Tornado Cash has been “laundered” through the protocol. Unsurprisingly, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned the tool for crypto transactions and arrested its developer, Alexy Pertsev, in February 2023.
