The hacker involved in a major theft from Voltage Finance has transferred some of the stolen funds to Tornado Cash. The address used for the transfer has not been active since November, and the last transaction occurred 166 days ago.
Voltage Finance Exploit
In March 2022, an attacker took advantage of a built-in callback function in the ERC677 token standard. Various stablecoins and cryptocurrencies were stolen, including USDC, BUSD, wrapped Bitcoin, and Ethereum tokens.
Security Measures and Refund Attempts
Voltage Finance responded quickly to the incident. The attacker’s address was noted on Etherscan, and the project offered exchanges to block transactions from this address. Attempts were also made to contact the hacker and negotiate a reward for the return of some of the stolen funds.
Other Voltage Finance Incidents
In addition to this incident, Voltage Finance’s simple staking pools were hacked on March 18th, and $322,000 was stolen. In response to this incident, Voltage Finance offered a $50,000 reward to the attacker and revoked the access of the developer who may have been involved in the hack.
Total Crypto Losses
Crypto losses increased by 1,163% in April, with the heist of a senior citizen’s wallet accounting for the largest share. Excluding this attack, crypto losses in April totaled $34 million.
Refunds
Despite the increase in losses, over $18 million was recovered in April, including funds stolen from the decentralized exchange KiloEx. The ZKsync Association recovered $5 million in stolen funds after a security incident on April 15th.
