Pancake Bunny hacker successfully drains 29M worth of Ether using Tornado Cash

After laying dormant for three years, a portion of the stolen funds from the Pancake Bunny flash loan attack in May 2021, which caused the value of its BUNNY token to plummet by 95%, were recently traced to the privacy protocol Tornado Cash. Pancake Bunny, unable to recover the stolen funds, ultimately dissolved the protocol and transformed it into a decentralized autonomous organization (DAO). On July 7, a wallet address linked to the Pancake Bunny hacker transferred 1,002 Ether of stolen funds to Tornado Cash in an attempt to avoid detection. According to CertiK, the hacker currently holds $11.4 million worth of Dai, having siphoned approximately $3 million in Ether based on current market prices. In light of this incident, crypto security experts, including CertiK, stress the importance of preventive measures to safeguard against protocol hacks. CertiK has taken steps to enhance security by migrating its suite of blockchain applications to a cloud computing subsidiary of Alibaba. Additionally, CertiK recently found itself at the center of controversy when it was accused by cryptocurrency exchange Kraken of stealing $3 million in digital assets.