Hacker Funnels Illicit RocketSwap Gains Through DEX and CEX


Hacker Funnels Illicit RocketSwap Gains Through DEX and CEX

The Ethereum address linked to the hacker behind the recent $865,000 theft of funds from decentralized exchange (DEX) RocketSwap has moved the stolen assets through various laundering techniques, according to blockchain tracker PeckShieldAlert.

#PeckShieldAlert #RocketSwap Exploiter-labeled address on #Ethereum has laundered ~169 $ETH into #TornadoCash, bridged ~86 $ETH to #Arbitrum & #BNBChain and then transferred them to #Binance (~347.9 $BNB & ~34 $ETH) & #OKX (~9K $USDT) and swapped ~2 $ETH for $TIP and transferred… pic.twitter.com/t3MIcvahD1

— PeckShieldAlert (@PeckShieldAlert) October 18, 2023

On August 14, RocketSwap was compromised when private keys were brute-forced, enabling the creation of memecoin LoveRCKT and the transfer of proceeds to Uniswap. The incident was initially believed to potentially be a rug-pull scam by developers.

Following the hack, PeckShieldAlert reported that 169 ETH was laundered through the privacy protocol TornadoCash. Additional amounts were bridged to layer-2 networks Arbitrum and Binance Smart Chain.

Over 347 BNB and 34 ETH were then deposited on the major centralized exchanges, Binance and OKX. Smaller amounts were swapped for TIP tokens and sent to exchange MEXC.

The tracking of the stolen funds by PeckShieldAlert illustrates how DEX hacks can quickly disperse assets across layer-1s, layer-2s, decentralized platforms, and centralized venues in an effort to obscure the money trail.

RocketSwap is still working to recover from the security breach and prevent future attacks. However, the hacker has shown their ability to utilize a matrix of services to wash and cash out proceeds. The incident highlights the ongoing challenges posed by DEX vulnerabilities and sophisticated laundering tactics.

Moreover, comments on X (Twitter) and Telegram were turned off by the project. Following the exploit, the team received substantial community backlash for disabling communication. The compromise occurred when RocketSwap placed private keys on a server, which was widely criticized due to its poor security measures.

Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.


Leave A Reply

Your email address will not be published.