News linked to both this project and an event.
blockchain security analyst Specter posted on X platform, stating that an old liquidity pool of the Solana DeFi protocol Raydium is suspected of being attacked, with the attacker stealing approximately $1.34 million in assets, mainly including USDC, RAY, and wSOL. Currently, the hacker has transferred the stolen funds to Ethereum via a bridge and subsequently deposited them into Tornado Cash for mixing.
According to on-chain security firm CertiK (@CertiKAlert), the Gravity Bridge attacker recently deposited another 1,180 ETH (approximately $2.06 million) into Tornado Cash. Earlier, on May 30, the attacker exploited the permissionless deployERC20() function by forging the Osmosis token string, tampering with the token registry, and mapping fake balances to real custodial assets—thereby stealing approximately 2,600 ETH (around $5.4 million) from Gravity Bridge. To date, 2,020 ETH of the stolen funds have been transferred to Tornado Cash via two externally owned accounts (EOAs); the remainder has been dispersed across centralized exchanges, making fund recovery significantly challenging.
according to monitoring by Specter Analyst, a high-net-worth investor holding significant assets on Kraken and Coinbase exchanges fell victim to an alleged personal intimidation attack, resulting in total losses of approximately $6.7 million across various assets.The attacker withdrew 1,554 ETH (approximately $3.3 million) and 10.5 BTC from the user's Kraken account. Simultaneously, the attacker also breached the user's Coinbase defenses, withdrawing 34.1 cbBTC. Subsequently, the attacker directly deposited over $5.3 million of the stolen funds into the privacy protocol Tornado Cash to obfuscate the transaction trail. (financefeeds)
According to CertiK monitoring, the attacker of cross-chain aggregation protocol Transit Finance has deposited 832.9 ETH into Tornado Cash, valued at approximately $1.8 million.
According to on-chain analyst PeckShield (@PeckShieldAlert), Echo Protocol was hacked on Monad. The attacker minted 1,000 $eBTC out of thin air (valued at approximately $76.7 million), then deposited 45 $eBTC (approximately $3.45 million) into Curvance and used it as collateral to borrow roughly 11.29 $WBTC (approximately $867,700). The attacker subsequently bridged the $WBTC cross-chain to Ethereum, swapped it for $ETH, and laundered 384 ETH (approximately $821,700) via Tornado Cash.
According to Onchain Lens monitoring, Echo Protocol on Monad has been attacked. The attacker minted 1000 eBTC, worth $76.7 million, and withdrew the funds through Curvance via a previously tested attack path.As of now, the attacker has deposited 45 eBTC as collateral into Curvance and borrowed approximately 11.29 WBTC, worth $867,700; the attacker then cross-chained this portion of WBTC to Ethereum, swapped it for ETH, and transferred 385 ETH (worth approximately $818,000) to Tornado Cash. The attacker currently appears to still control a large amount of the minted eBTC.
According to PeckShield monitoring, the Verus-Ethereum Bridge has been hacked, resulting in the loss of assets including 103.6 tBTC, 1,625 ETH, and 147,000 USDC. The hacker subsequently swapped the stolen assets for approximately 5,402.4 ETH. The attacker's address received an initial 1 ETH approximately 14 hours ago via the mixing protocol Tornado Cash.
the deliberation of the "Cryptocurrency Market Structure Act" (i.e., the CLARITY Act) has commenced in the U.S. Senate Banking Committee. As of now:1. An amendment proposed by Senator Mike Rounds to create an AI regulatory sandbox was passed with 15 votes in favor and 9 against, indicating some bipartisan support, despite Senator Elizabeth Warren urging Democratic members to vote against it.2. An amendment proposed by Elizabeth Warren, aimed at "preventing high-risk assets from entering retirement accounts," was rejected with 11 votes in favor and 13 against.3. An amendment previously proposed by Senator Katie Britt of Alabama, which would have allowed certain retirement accounts to invest in pooled investment vehicles, was withdrawn before the vote.It is reported that one of the most contentious amendments comes from Elizabeth Warren, concerning the strengthening of sanctions authority over cryptocurrency mixers. In her remarks, she referenced the U.S.-sanctioned mixing protocol Tornado Cash, stating it has been used to launder over $7 billion for criminal organizations and North Korean hacker groups, including over $450 million in related funds. Warren argued that the current bill does not grant the U.S. Treasury Department sufficient legal authority to isolate or restrict mixer services, potentially creating loopholes in anti-money laundering oversight. In response, Cynthia Lummis countered that the illegal financial activities are already covered in Parts Two and Three of the bill.
According to on-chain analyst PeckShield (@PeckShieldAlert), the TrustedVolumes attacker has laundered approximately $278,000 of stolen funds to date, including depositing 10.2 ETH (approx. $23,600) into Tornado Cash and swapping 110 ETH (approx. $250,000) for BTC via THORChain. Additionally, the attacker attempted to deposit 0.5 ETH into Railgun but subsequently withdrew it. TrustedVolumes was attacked on May 7, resulting in losses of approximately $6.7 million.
According to Cointelegraph, Coinbase has been sued in a U.S. federal court in California over frozen funds linked to a $55 million DAI phishing theft that occurred in 2024. The plaintiffs allege that some traceable stolen funds—after being mixed via Tornado Cash—were deposited into Coinbase retail user accounts and remain frozen. Coinbase states it can only release the assets after a court rules on their ownership. The complaint also links the theft to the malicious wallet drainer platform Inferno Drainer. Victims had engaged Zero Shadow and Five Stones Intelligence to track the stolen funds.
According to monitoring by on-chain analyst Specter, the Wasabi Protocol attacker has deposited all stolen funds into Tornado Cash, moving approximately $5.9 million into Tornado Cash. Additionally, North Korean hacking groups have also used Tornado Cash to launder stolen funds from KelpDAO and LayerZero. Their process involved first cross-chaining the assets to Bitcoin, then routing them through Wasabi Mixer, extracting and cross-chaining back to Ethereum, depositing into Tornado Cash, subsequently withdrawing to new wallets and dispersing across multiple addresses. The new wallets then deployed tokens, used the stolen funds to buy in, removed liquidity from the deployment wallet, cross-chained to Tron (USDT), held for several hours or days, and finally sent to OTC-related wallets.
Odaily reports, according to Arkham monitoring, the Kyber Network hacker is transferring stolen funds into Tornado Cash. The hacker, Andean Medjedovic, stole $48.8 million from KyberSwap in late 2023. He had also previously attacked Indexed Finance and stolen $16.5 million. He was indicted by the FBI in 2025.
According to an official disclosure by ZetaChain, on April 27, ZetaChain suffered a targeted vulnerability exploit. The attacker first acquired funds via Tornado Cash and performed wallet address spoofing, then exploited a vulnerability in GatewayEVM’s arbitrary call functionality, resulting in approximately $334,000 in losses across four connected chains. ZetaChain stated that this attack did not affect cross-chain $ZETA transfers; all affected wallets were under ZetaChain’s internal control, and user funds remained unaffected. A patch for the mainnet has now been deployed, and cross-chain transactions will resume after ongoing monitoring.
according to on-chain analyst Ai Yi's monitoring, an address linked to the Balancer attacker has transferred 5,609 ETH, worth $13 million, to THORChain over the past 9 hours. In November 2025, Balancer was hacked for over $116 million, a incident with the same suspected culprit as the Aave attack, both pointing to the North Korean hacker group Lazarus Group. Both entities have recently been frequently using Tornado Cash for money laundering.
According to Onchain Lens monitoring, the Balancer attacker, dormant for five months, has transferred 100 ETH (approximately $233,000) to a new address and begun transferring funds through Tornado Cash.The attacker currently still holds 21,900 ETH, valued at approximately $51.13 million.
According to on-chain analyst Ai Yi's monitoring, the Venus attacker transferred 2,301 ETH (approximately $5.32 million) to address 0xa21…23A7f 11 hours ago. Subsequently, the funds were laundered in batches via Tornado Cash. Currently, there is still $17.45 million worth of ETH remaining on-chain.
On-chain investigator ZachXBT updated that funds related to the KelpDAO attack have begun moving: approximately $1.5 million has been cross-chained from Ethereum Mainnet to the Bitcoin network via Thorchain, and roughly $78,000 has been transferred via Umbra. The attacking address initially sourced its funds from Tornado Cash, and fund laundering and cross-chain transfers are ongoing.
According to Cointelegraph, stablecoin issuer Circle faces a class-action lawsuit in the U.S. District Court for the District of Massachusetts for failing to freeze stolen funds during the Drift Protocol hack on April 1. Plaintiffs allege that attackers transferred approximately $230 million worth of USDC from Solana to Ethereum via Circle’s cross-chain transfer protocol (CCTP) within hours—and that Circle failed to intervene. The lawsuit accuses Circle of aiding and abetting conversion and of negligence. Cryptocurrency analytics firm Elliptic previously suspected the attack may be linked to North Korea–backed hackers; the stolen funds were subsequently converted into ETH and laundered through Tornado Cash.
According to on-chain analytics platform Arkham (@arkham), the attacker who exploited the Bridged Polkadot vulnerability has transferred all stolen funds to Tornado Cash, amounting to approximately $269,000.