Blockchain security firm CertiK has linked roughly $63 million in Tornado Cash deposits to a $282 million cryptocurrency wallet compromise that occurred on January 10.
CertiK said its monitoring tools identified interactions with the crypto mixer connected to funds stolen during the exploit.
Investigators said the case has drawn widespread attention due to the scale of losses and the speed at which assets were moved across chains.
Analysis showed that a portion of the stolen Bitcoin was bridged to Ethereum, converted into Ether and distributed across multiple wallets.
CertiK found that at least 686 BTC was swapped cross-chain, resulting in around 19,600 ETH sent to a single Ethereum address.
The Ether was then fragmented into several addresses, with hundreds of ETH transferred from each before entering Tornado Cash.
The $63 million routed through the mixer represents only part of the total stolen funds, according to investigators.
“This flow follows the classic large-scale laundering playbook pretty closely,”
Marwan Hachem said.
“Tornado Cash is a major kill switch for traceability,”
Marwan Hachem said, adding that recovery chances “drop to near zero” once funds enter a mixer.
The January 10 theft was traced to a social engineering attack that led the victim to reveal a wallet seed phrase.
Blockchain investigator ZachXBT said the attacker impersonated wallet support staff and gained full control of the assets.
The compromised wallet reportedly held about 1,459 BTC and more than 2 million Litecoin at the time of the breach.
Security firm ZeroShadow said approximately $700,000 was frozen early in the laundering process, while most funds were successfully obscured.
At the time of reporting, Bitcoin price was $92,635.53.