Attackers use a new method to launder cryptocurrency, masking their actions to mistakes of inexperienced traders. This is written by DL News with reference to experts.
Hackers create swaps vulnerable to the attacks of arbitration bots, which they themselves control. Similar tactics are used by hackers from Lazarus Group
These transactions have all the characteristics that are usually associated with money laundering, said Yegor Ruditsa blockchain security researcher.
The expert revealed many transactions from wallets, which, according to him, caused “serious suspicions” because they conducted funds through Fixedfloat and Changenow – two cryptomixers popular among money launders.
The scheme uses USDC and USDT stabilcoins using a multi -stage process.
First, several wallets are contributed and removed through AAVE. After removing the assets from the protocol, the launders add “stable coins” to the trading pool on the Uniswap decentralized exchange.
Typically, stablecoins are traded at about the same price, since they are tied to the cost of the dollar. However, launders set up trading pools on Uniswap so that their own bot can interfere in transactions.
In one example, attackers exchanged $ 90,000 in USDC for $ 2300 in USDT – having lost $ 87,700. Although the wallet that sent the transaction carries losses, the lost amount is compensated by the profit from the arbitration, which is received by the controlled launders.
Ruditsa said that he identified six such transactions spent through the same trading pool for only five minutes, which indicates organized activities.
Hackers use other methods. For example, a sandwich attack is used when the bots redeem tokens to large transactions, and then they sell them with a margin.
Another scheme is work with low -liquid assets. In one of the cases recorded by experts, the address involved in Lazarus used WAFF and USDT. As a result, Tether blocked the Uniswap pool associated with token.
On March 13, Lazarus hackers sent 400 ETH (~ $ 752,000) to the Tornado Cash cryptomyxer. The initial address received funds through the ThorChain protocol, which the group actively used in the laundering schemes of funds stolen from BYBIT.
Be in the know! Subscribe to Telegram.
Source: Cryptocurrency
I am an experienced journalist and writer with a career in the news industry. My focus is on covering Top News stories for World Stock Market, where I provide comprehensive analysis and commentary on markets around the world. I have expertise in writing both long-form articles and shorter pieces that deliver timely, relevant updates to readers.
