Hackers Funnel $4.3 Million from Remilia into Tornado Cash

Assets amounting to 1209.5 ETH (~$4.3 million), stolen from the Remilia DAO treasury, have been transferred to the cryptocurrency mixer Tornado Cash, according to experts at CertiK.

#CertiKInsight ?

We have seen a deposit of a total of 1209.5 ETH (~$4.3M) into https://t.co/0lwPdz0OWi that was traced to multiple compromised addresses in the Remilia incident on Mar 16th.

To learn more about the incident and other major private key compromises in March,… pic.twitter.com/ycPgPbPwGf

— CertiK Alert (@CertiKAlert) June 17, 2024

Experts traced the assets through several addresses linked to the breach of the organization behind the NFT project Milady Maker.

In March, the incident was initially reported by the X-account Dumpster DAO. Charlotte Fang, founder of Milady and Remilia, attributed the theft to “unknown malware” infiltrating her password manager. Consequently, the perpetrators accessed seed phrases and emptied several DAO wallets.

“Unfortunately, the compromise of private keys remains a primary cause of financial loss in the crypto space,” commented CertiK experts in their March report.

They noted that such incidents have become “commonplace” in 2024.

Before transferring the stolen Remilia assets to the mixing service, hackers sold NFTs from the Milady and Remio collections, accumulating funds in three wallets.

On May 14, a court in the Netherlands found Tornado Cash developer Alexey Pertsev guilty of laundering $1.2 billion and sentenced him to 64 months in prison. In the United States, charges have been filed against the platform’s co-founders, Roman Storm and Roman Semenov.

Ethereum co-founder Vitalik Buterin described Pertsev’s sentence as an “unfortunate” and “very sad” situation.