In a stark demonstration of the persistent vulnerabilities within decentralized finance, the perpetrator behind the 2023 Infini stablecoin heist has executed a major laundering operation, funneling 15,470 ETH—valued at approximately $32.58 million—into the privacy mixer Tornado Cash. This alarming development, first reported by blockchain analytics firm AmberCN, underscores the sophisticated, multi-stage financial strategies employed by modern crypto criminals and highlights the ongoing cat-and-mouse game between hackers and blockchain forensic experts.
The recent transaction represents a critical phase in a long-running financial saga. According to detailed on-chain analysis, the attacker initiated this laundering phase by strategically purchasing 6,316 ETH with DAI stablecoins precisely when the Ethereum price dipped to $2,109. This tactical buy, occurring just seven hours before the main laundering event, suggests a deliberate attempt to maximize value before obfuscation. Subsequently, the hacker deposited the entire consolidated sum into Tornado Cash.
This activity is directly connected to the original February 2023 exploit of Infini, a stablecoin-focused neobank project. During that incident, the attacker successfully stole $49.5 million in USDC. Forensic timelines show the hacker then swapped 3,540 ETH for DAI at an average price of $3,762 in August 2023. The latest laundering of 15,470 ETH appears to be the culmination of a patient, year-long strategy to liquidate and conceal the proceeds from the initial theft.
The choice of Tornado Cash is particularly significant. Despite being sanctioned by the U.S. Office of Foreign Assets Control (OFAC) in August 2022, the open-source, decentralized nature of the protocol means it continues to operate. This case powerfully illustrates the regulatory and enforcement challenges posed by decentralized technology.
The Infini exploit was part of a devastating year for DeFi, with over $3.8 billion lost to hacks and scams in 2023 according to industry reports. The prolonged period between the theft and the major laundering event suggests hackers are increasingly adopting long-term strategies, waiting for scrutiny to fade and for optimal market conditions before moving large sums.
