Crypto Security Firm CertiK Alerts: Funds Funnelled To Tornado Cash
Crypto security firm CertiK has raised an alarm about a notorious wallet drainer who recently transferred funds into the sanctioned crypto tumbler Tornado Cash. In an alert issued on May 27, CertiK revealed that two externally owned addresses (EOAs), namely 0x546 and 0x108, deposited 20 ether (ETH) worth $36,473 into Tornado Cash.
#CertiKSkynetAlert 🚨
We are seeing a movement of funds to @TornadoCash from EOA 0x546 and 0x108 who have deposited a total of 20 ETH.
Funds originate from a known wallet drainer address.
See more below 👇https://t.co/d0VE1jMMR4
Stay vigilant!
— CertiK Alert (@CertiKAlert) May 27, 2023
Wallet Drainer
According to CertiK, the funds originated from a wallet drainer, a malicious file designed to automatically siphon cryptocurrency from unsuspecting visitors to phishing sites. While the alert confirmed the address as a known wallet drainer, it did not disclose any past exploits associated with it.
CertiK’s warning about the wallet drainer was just one of several alerts issued over the weekend, as hackers and exploiters continued their assaults on various crypto platforms. The security company also cautioned users of layer-2 (L2) protocol Nahmii against a fake token airdrop link shared on Nahmii’s Discord channel, asserting that it too connected to a known wallet drainer.
Nahmii, an Ethereum-based L2 protocol facilitating decentralized application transactions, employs a hybrid consensus mechanism combining proof-of-stake (PoS) and proof-of-transfer (PoT) for enhanced security and finality. CertiK advised Nahmii users not to click on any links until the platform’s team confirmed regaining server control.
Fraudulent RFD Airdrop Exposed
Additionally, CertiK drew attention to a fraudulent Refund (RFD) airdrop allegedly promoted by the Twitter account @Arnoldty_eth, which boasted over 8,000 followers. The account shared instructions for claiming the RFD airdrop, leading users to a website linked to a phishing contract identified as 0x146 by CertiK.
Recent incidents have shown that crypto scammers have exploited active crypto Twitter accounts, knowingly or unknowingly, to propagate phishing scams. Just days ago, hackers hijacked the prominent Twitter account @steveaoki to promote a fake airdrop, resulting in unsuspecting users losing over $170,000. Other accounts, including @eth_ben, inadvertently aided the scam by unwittingly amplifying the fake promotion to a wider audience.
CertiK’s warnings highlight the ongoing threats faced by the crypto community and emphasize the importance of maintaining caution and employing robust security measures while engaging with digital assets and participating in airdrop programs. Vigilance and scepticism remain essential in the ever-evolving landscape of crypto scams.
