Garden Finance exploiter moves $6.65M to Tornado Cash after $10.8M hack

Key Takeaways

The place did the stolen funds go?

The Backyard Finance exploiter transferred among the funds to Twister Money, whereas one attacker tackle nonetheless holds roughly $910,000 in stolen belongings.

Why is that this exploit particularly controversial?

Earlier than the hack, ZachXBT accused Backyard Finance of laundering funds from main breaches, making Backyard each an accused facilitator and sufferer.

The hacker behind the Backyard Finance exploit has transferred $6.65 million value of stolen crypto to Twister Money. 

Supply: CertiK

Safety agency CertiK tracked the actions right now, revealing the exploiter despatched 501 BNB and 1,910 ETH by way of the privateness mixer.

One attacker’s tackle nonetheless holds roughly $910,000 in stolen funds.

The unique assault

Backyard Finance suffered an exploit on 31 October. AMBCrypto reported that hackers drained $10.8 million throughout a number of blockchains, together with Arbitrum, Ethereum, and Solana. Blockchain investigator ZachXBT first noticed the unauthorized withdrawals.

The group supplied a ten% white-hat bounty to the attacker, however the hacker by no means responded. As an alternative, they started laundering the stolen funds by way of Twister Money this week.

Backyard Finance group claims solver compromise

Backyard Finance co-founder Jaz Gulati posted an replace on 5 November 5. He insisted the breach hit solely a third-party solver’s web2 infrastructure, not Backyard’s core contracts.

“No person funds or protocol contracts had been affected,” Gulati wrote. “All programs carried out as supposed underneath failure circumstances.”

The group outlined plans to revive operations, strengthen solver safety, and onboard further unbiased solvers for redundancy.

On-chain proof tells a distinct story

ZachXBT disputed Backyard’s model of occasions. He shared screenshots of an on-chain message from a Backyard deployer tackle to the attacker. The message admitted “our programs have been compromised throughout a number of blockchains.”

The contradiction between the group’s public assertion and the on-chain message raised questions in regards to the true scope of the breach.

Cash laundering allegations

Earlier than the exploit, ZachXBT had accused Backyard Finance of processing stolen funds. He claimed over 25% of Backyard’s exercise concerned laundered cash from main hacks, together with the $1.4 billion Bybit breach.

Former Ren Protocol builders constructed Backyard Finance. Ren beforehand processed over $540 million in illicit funds earlier than being delisted by main exchanges.

Investigators suspect the DPRK-linked hacker group “Harmful Password” orchestrated the Backyard assault.

What’s subsequent?

The platform has not addressed the most recent fund actions to Twister Money. With hundreds of thousands now combined by way of a privateness protocol, restoration prospects seem slim.

The incident highlights ongoing safety challenges in cross-chain DeFi infrastructure and the dangers protocols face when processing questionable fund flows.