$27.3 Million Stolen in Latest Private Key Exploit Incident
PeckShield reports a major $27.3M theft involving ETH withdrawn from Aave and laundered via Tornado Cash, highlighting escalating blockchain security breaches.
ETH
USDT
AAVE
Summary
PeckShield disclosed that an attacker exploited a private key to steal $27.3 million in cryptocurrency. The perpetrator withdrew 1,000 ETH, valued at approximately $5 million, from the Aave protocol and laundered the funds through Tornado Cash. This follows earlier incidents, including a $2.3M USDT theft converted to ETH and laundered similarly, and multiple smaller-scale EVM chain thefts totalling about $107,000. The attacker’s identity remains unknown, and investigation is ongoing.
Terms & Concepts
- Private key leak: When a cryptocurrency wallet’s secret access key is exposed, allowing unauthorized control of the funds.
- Tornado Cash: A decentralized crypto transaction mixer that obscures the origin of funds by pooling and redistributing Ethereum transactions.
- ETH (Ethereum): The native cryptocurrency of the Ethereum blockchain, used for transactions, smart contracts, and decentralized applications.