Two wallets, 0x1209…e9C and 0xaac6…508, had approximately $2.3 million USDT stolen due to compromised private keys; the funds were subsequently converted to 757.6 ETH and laundered via TornadoCash.
The incident was recorded through on-chain monitoring from PeckShieldAlert, revealing a chain of actions: wallet hijacking, transferring stablecoins, converting them to ETH, and then using a mixing tool to conceal the flow of funds.
- Approximately $2.3 million worth of USDT was stolen due to a compromised private key.
- USDT was converted to 757.6 ETH after the hijacking.
- Money was laundered through TornadoCash.
Developments in the theft and money laundering case.
PeckShieldAlert discovered that two wallet addresses, 0x1209…e9C and 0xaac6…508, lost approximately $2.3 million USDT due to compromised private keys; the attacker converted the funds to 757.6 ETH and transferred them via TornadoCash.
According to a report dated December 23rd, the starting point was a compromised private key, allowing the attacker to sign transactions to withdraw USDT from the two wallets mentioned above. After acquiring the stablecoin , the attacker converted it to ETH, obtaining 757.6 ETH, in order to increase the ability to move through multiple channels and prepare for anonymity.
The final stage involves laundering via TornadoCash. Putting ETH into a mixing service reduces the traceability of the link between the source address (0x1209…e9C, 0xaac6…508) and subsequent receiving addresses, making recovery and on-chain investigation more difficult.
