close
close

PancakeBunny exploiter transfers $2.9 million via Tornado Cash

In a new update, the exploiter of the PancakeBunny project was found to be actively transferring large amounts via Tornado Cash. The exploiter of the $45 million exploit in May 2021 continues to move large sums of stolen funds, which has caught the attention of the crypto community after years of inactivity.

On Sunday, the perpetrator of the PancakeBunny attack sent 1002 ETH, around $2.9 million, via Tornado Cash, a popular platform for hiding transaction information. Security firm CertiK Alerts, which alerted the public to this transaction, also said that these funds were transferred via the wallet address 0xd0f2259e0bd71e849143bbc07f4e427bb6f7756b.

The Bunny Finance Exploit: A Summary

The PancakeBunny exploit in May 2021, which caused users to lose around $45 million, was a flash loan-based attack in which the attacker managed to influence the price of BUNNY tokens by using a large amount of assets from PancakeSwap.

The exploiter’s actions included price manipulation through flash loan attacks that inflated the price of BUNNY tokens. They later released the inflated tokens to the market, pushing the price down to almost zero and slowly pocketing a good percentage of the profits.

Current stocks of the exploiter

However, since the attacker transferred a significant portion of the embezzled funds, he still owns $11.4 million in DAI in the wallet address 0x820C.

This case highlighted the role of Tornado Cash in concealing the original origin of the lost funds and the general difficulties experienced by regulators and security experts individually when attempting to track down and recover lost cryptocurrencies. Although Tornado Cash can be safely used by ordinary individuals to protect their privacy, it is also commonly used by cybercriminals to launder money.

Also read: Notorious Pink Drainer falls victim to $30,000 address poisoning scam