In a surprising turn of events, a hacker who targeted the Uranium Finance DeFi platform in 2021 has been found to have potentially used “Magic: The Gathering” trading cards to launder their stolen crypto gains. According to blockchain sleuth ZachXBT, the hacker withdrew 11,200 ETH from Tornado Cash in increments of 100 ETH over the past year. They then engaged in a series of transactions, converting the ETH to wrapped ETH (WETH) and transferring it to a different address. Finally, the hacker exchanged it for USDC and used a portion of the funds to purchase “Magic: The Gathering” trading cards.
A Complex Web
The hacker took several additional steps to complicate the tracing of funds back to their original source. These included depositing funds into centralized exchanges such as Kraken, Bitpay, and Coinbase. By utilizing these exchanges and purchasing trading cards, the hacker introduced numerous layers of complexity to the investigation. This strategy makes it challenging for authorities to link the stolen funds directly to the initial exploit of the Uranium Finance decentralized exchange in 2021.
The Timeline
ZachXBT’s investigation revealed a correlation in timing between the initial deposit of funds by the Uranium hacker into Tornado Cash and the subsequent withdrawal by the individual who purchased the MTG cards. The Uranium hacker deposited 52 X 100 ETH into Tornado on March 6 and 14, and the individual made significant withdrawals from Tornado on March 7 and 15. This timeline provides a strong indication that the funds used to buy the trading cards were indeed linked to the Uranium Finance hack.
To acquire the trading cards, the hacker employed the services of a U.S.-based broker who directly contacted sellers on their behalf. Through communication with multiple sellers, ZachXBT discovered that the buyer made substantial purchases, spending millions on items such as starter decks, alpha sets, and sealed boxes. Interestingly, the hacker overpaid for these items by 5-10%. The transactions were conducted with complete anonymity, with the hacker never disclosing their identity to the sellers.
Uranium Finance, a decentralized finance platform based on the Binance Smart Chain and a fork of Uniswap, suffered a significant loss of $50 million in a 2021 hack. The hacker exploited a calculation error in the platform’s code, allowing them to drain liquidity from the protocol. This breach highlights the vulnerabilities and risks associated with decentralized finance platforms and the need for robust security measures to protect user funds.
The revelation of a hacker laundering stolen crypto gains through the purchase of “Magic: The Gathering” trading cards poses a unique challenge to investigators. By introducing unconventional methods such as these, hackers can significantly complicate the tracing of stolen funds. This case underscores the importance of continuous innovation in blockchain sleuthing techniques to combat increasingly sophisticated cybercrimes in the cryptocurrency ecosystem.
Leave a Reply