News linked to both this project and an event.
According to on-chain security firm CertiK (@CertiKAlert), the Gravity Bridge attacker recently deposited another 1,180 ETH (approximately $2.06 million) into Tornado Cash. Earlier, on May 30, the attacker exploited the permissionless deployERC20() function by forging the Osmosis token string, tampering with the token registry, and mapping fake balances to real custodial assets—thereby stealing approximately 2,600 ETH (around $5.4 million) from Gravity Bridge. To date, 2,020 ETH of the stolen funds have been transferred to Tornado Cash via two externally owned accounts (EOAs); the remainder has been dispersed across centralized exchanges, making fund recovery significantly challenging.
according to monitoring by Specter Analyst, a high-net-worth investor holding significant assets on Kraken and Coinbase exchanges fell victim to an alleged personal intimidation attack, resulting in total losses of approximately $6.7 million across various assets.The attacker withdrew 1,554 ETH (approximately $3.3 million) and 10.5 BTC from the user's Kraken account. Simultaneously, the attacker also breached the user's Coinbase defenses, withdrawing 34.1 cbBTC. Subsequently, the attacker directly deposited over $5.3 million of the stolen funds into the privacy protocol Tornado Cash to obfuscate the transaction trail. (financefeeds)
According to on-chain analyst PeckShield (@PeckShieldAlert), Echo Protocol was hacked on Monad. The attacker minted 1,000 $eBTC out of thin air (valued at approximately $76.7 million), then deposited 45 $eBTC (approximately $3.45 million) into Curvance and used it as collateral to borrow roughly 11.29 $WBTC (approximately $867,700). The attacker subsequently bridged the $WBTC cross-chain to Ethereum, swapped it for $ETH, and laundered 384 ETH (approximately $821,700) via Tornado Cash.
According to Onchain Lens monitoring, Echo Protocol on Monad has been attacked. The attacker minted 1000 eBTC, worth $76.7 million, and withdrew the funds through Curvance via a previously tested attack path.As of now, the attacker has deposited 45 eBTC as collateral into Curvance and borrowed approximately 11.29 WBTC, worth $867,700; the attacker then cross-chained this portion of WBTC to Ethereum, swapped it for ETH, and transferred 385 ETH (worth approximately $818,000) to Tornado Cash. The attacker currently appears to still control a large amount of the minted eBTC.
According to on-chain analyst PeckShield (@PeckShieldAlert), the TrustedVolumes attacker has laundered approximately $278,000 of stolen funds to date, including depositing 10.2 ETH (approx. $23,600) into Tornado Cash and swapping 110 ETH (approx. $250,000) for BTC via THORChain. Additionally, the attacker attempted to deposit 0.5 ETH into Railgun but subsequently withdrew it. TrustedVolumes was attacked on May 7, resulting in losses of approximately $6.7 million.
According to on-chain analyst Onchain Lens (@OnchainLens), a whale address swapped 40 BTC (approximately $3.23 million) for 1,384.6 ETH via THORChain, then transferred the funds into Tornado Cash for coin mixing.
According to Cointelegraph, Coinbase has been sued in a U.S. federal court in California over frozen funds linked to a $55 million DAI phishing theft that occurred in 2024. The plaintiffs allege that some traceable stolen funds—after being mixed via Tornado Cash—were deposited into Coinbase retail user accounts and remain frozen. Coinbase states it can only release the assets after a court rules on their ownership. The complaint also links the theft to the malicious wallet drainer platform Inferno Drainer. Victims had engaged Zero Shadow and Five Stones Intelligence to track the stolen funds.
According to monitoring by on-chain analyst Specter, the Wasabi Protocol attacker has deposited all stolen funds into Tornado Cash, moving approximately $5.9 million into Tornado Cash. Additionally, North Korean hacking groups have also used Tornado Cash to launder stolen funds from KelpDAO and LayerZero. Their process involved first cross-chaining the assets to Bitcoin, then routing them through Wasabi Mixer, extracting and cross-chaining back to Ethereum, depositing into Tornado Cash, subsequently withdrawing to new wallets and dispersing across multiple addresses. The new wallets then deployed tokens, used the stolen funds to buy in, removed liquidity from the deployment wallet, cross-chained to Tron (USDT), held for several hours or days, and finally sent to OTC-related wallets.
according to on-chain analyst Ai Yi's monitoring, an address linked to the Balancer attacker has transferred 5,609 ETH, worth $13 million, to THORChain over the past 9 hours. In November 2025, Balancer was hacked for over $116 million, a incident with the same suspected culprit as the Aave attack, both pointing to the North Korean hacker group Lazarus Group. Both entities have recently been frequently using Tornado Cash for money laundering.
According to on-chain analyst Ai Yi's monitoring, the Venus attacker transferred 2,301 ETH (approximately $5.32 million) to address 0xa21…23A7f 11 hours ago. Subsequently, the funds were laundered in batches via Tornado Cash. Currently, there is still $17.45 million worth of ETH remaining on-chain.
According to on-chain analytics platform Arkham (@arkham), the attacker who exploited the Bridged Polkadot vulnerability has transferred all stolen funds to Tornado Cash, amounting to approximately $269,000.