CertiK Identifies Two Wallets Linked to CoinStats Exploit
Per blockchain security firm CertiK, the CoinStats hacker moved almost $1 million in stolen Ether to Tornado Cash. One wallet moved 211 ETH, while the other transferred 100 ETH to Tornado Cash, amounting to 311 ETH, valued at approximately $959,000.
Tornado Cash is known for anonymizing transactions and is a favored tool among those seeking to obscure the origins of their funds. The CoinStats security breach occurred on June 22 and impacted 1,590 crypto wallets. In response, CoinStats suspended user activity and took steps to isolate the security incident.
The company reassured users that none of the individual and centralized exchange (CEX) wallets were affected. However, CoinStats urged the affected users to move their funds using exported private keys.
By June 30, the company announced that it was optimizing its transaction database and transitioning to a different platform to enhance efficiency and reliability. This would allow it to restore functionality and ensure the platform's security moving forward.
Back to Full Functionality
Last week, CoinStats reported that its platform functionalities were fully operational again. Meanwhile, CoinStats CEO Narek Gevorgyan revealed that the breach was likely the result of a socially engineered attack.
One of their employees was tricked into downloading malicious software onto a work computer, which compromised their AWS infrastructure. The hack’s impact on the community has been severe, with losses of millions of dollars. One wallet lost nearly $9 million in Maker (MKR) tokens.
Elliptic Exposes $11B Scam
In a related development, crypto compliance solutions firm Elliptic has exposed a money laundering and cyber scam network facilitated by Huione Guarantee, an online marketplace operated by the Cambodian conglomerate Huione Group. The marketplace's transactions exceeded $11 billion.
A considerable portion of that is attributed to illicit activities, including money laundering and cyber scams. Huione Guarantee operates primarily in Chinese, leveraging thousands of instant messaging app channels managed by different merchants.
A significant finding of the Elliptic research is the platform’s predominant use of Tether (USDT) for transactions. Elliptic’s co-founder and chief scientist, Tom Robinson, explained that the blockchain’s transparency allows for the tracking and blocking of cryptocurrency transactions, making it feasible with traditional payment methods. This method also provides a unique advantage in detecting and preventing illicit activities.
Emerging Threats in AI and Crypto
Elliptic’s report also highlighted the increasing use of artificial intelligence for illicit activities, including state-sponsored cyberattacks and deepfake scams. Notably, fraudulent schemes involving deepfake videos of prominent figures, such as Elon Musk and former Singaporean Prime Minister Lee Hsien Loong, are becoming more common.
In response to the report, a Tether spokesperson criticized the analysts for publicizing their findings without engaging directly with regulators or law enforcement. The spokesperson argued that this approach limits the possibility of freezing illicit funds. The spokesperson noted that individuals and companies often prioritize recording wrongdoing for social media attention and fame over acting to stop it.