Pancake Bunny Hacker Siphons $2.9M Ether Via Tornado Cash
Part of the stolen money linked to Pancake Bunny – a decentralized financial protocol powered by the BNB Smart Chain – was powered by the privacy protocol Tornado Cash after three years of dormancy.
Pancake Bunny suffered a flash credit attack in May 2021 and lost about 697,000 BUNNY tokens and 114,000 BNB (BNB), making the BUNNY token 95% successful.
After the pancake brown hack
Pancake Bunny was unable to recover the stolen funds and eventually broke the protocol and turned into a Decentralized Autonomous Organization (DAO).
Three years later, on July 7, a wallet address linked to the Pancake Brownie hacker transferred 1,002 Ether (ETH) of stolen funds to Tornado Cash.
After many years of activity, stolen funds
Based on the current market value, the hacker made off with about $3 million in Ether. According to CertiK, Pancake Brown mining currently holds $11.4 million worth of Dai (DAI).
Related: Crypto Losses Reach $1.19B in H1 2024: CertiK Calls for Better Security
Cryptosecurity experts strongly emphasize the importance of countermeasures when it comes to preventing protocol hacks. In this effort, Certike has moved a collection of 12 blockchain applications in Asia to the cloud computing branch of Chinese e-commerce giant Alibaba.
Ronggui Gu, founder of Certike, said:
“For more than five years, we have believed in the transformative power of blockchain technology. We look forward to empowering developers with secure blockchain development and deployment through the Alibaba Cloud Platform.”
The move will allow developers who expect high resource demands during peak hours to take advantage of Alibaba Cloud's additional computing, storage and distribution resources.
Blockchain security firm Certike identified himself as a “security researcher” who recently revealed that Kraken stole $3 million worth of digital assets after a failed investigation.
Kraken's head of security, Nicolas Percoco, claimed that an unnamed security group – not identified at the time as CertiK – had committed “extortion” by refusing to return any funds – unless they disclosed it until an agreement was reached to provide $$ for a bug that could potentially cause it.
Magazine: ‘Raider' Investors Are Raiding DAOs – Names and Aragon Share What They've Learned