Those behind the theft of 342,000 Ethereum from South Korean cryptocurrency exchange Upbit have started spreading the funds to various ETH addresses.
The move was capture by Whale Alert, a Twitter bot following large transactions on the blockchains of major cryptocurrencies. Digging into the addresses that contained the stolen ether it’s possible to see the hacker(s) spread out the funds by sending chunks of little over 1,000 ($146,700) and 10,000 ether (($1.46 million) to other addresses.
⚠ 10,000 #ETH (1,468,690 USD) of stolen funds transferred from Upbit Hack Nov 2019 to unknown wallet
— Whale Alert (@whale_alert) December 3, 2019
The hacker(s) may be trying to spread out the stolen ether in an effort to escape the public’s eye and conceal were the funds came from over the course of several transactions, as various cryptocurrency exchanges have pledged to freeze funds if they are deposited on their platforms.
So far, those behind the hack have transferred small amounts of ether to several trading platforms, including Binance and Huobi, trying to test whether or not the funds will be frozen. Trying to hide the funds came from the Upbit hack may be a strategy to try and cash them out
Another option would be decentralized cryptocurrency exchanges. As CryptoGlobe reported those behind the Cryptopia hack managed to cash out over $2 million through a decentralized exchange. While centralized platforms can freeze funds if they were stolen from someone else, no one can do that on a decentralized exchange.
These, however, don’t have enough liquidity for the hacker to cash out 340,000 ETH, at press time worth around nearly $50 million. Spreading out the funds by sending them to several addresses may end up throwing off some, but there are now sophisticated tools used to track transactions on a public blockchain like that of Ethereum.
Lorne Lantz, author of an upcoming book on blockchain technology, has used a visualization tool to show the hacker(s) sent funds to cryptocurrency exchanges via secondary addresses. The same might happen after the funds are spread out.
Day #3's flow of @upbitglobal flow of funds. So far has sent small amounts to @binance & @HuobiGlobal . What other exchanges will the hacker try? pic.twitter.com/oeyGxXq87k
— Lorne Lantz (@Lornestar) November 29, 2019
As reported, Upbit reacted to the security breach by moving its cryptoassets to cold wallets and suspending deposits and withdrawals. The South Korean crypto exchange has said it’ll cover the loss with its own funds.
Featured image by David McBee from Pexels.