Buy Crypto Markets Spot FuturesGOLD Earn Event Center

Things have gotten complicated for altcoins, which recently suffered significant losses due to a hack. Continue Reading: Things Turned Out to Be Much More ComplicatedThings have gotten complicated for altcoins, which recently suffered significant losses due to a hack. Continue Reading: Things Turned Out to Be Much More Complicated

Things Turned Out to Be Much More Complicated Behind the Scenes at the Altcoin That Was Recently Hacked

Author: Bitcoinsistemi

Source: Bitcoinsistemi

2026/05/17 04:38

2 min read

For feedback or concerns regarding this content, please contact us at crypto.news@mexc.com

Blockchain analytics company Chainalysis has shared new findings regarding the addresses behind the THORChain attack. According to the analysis published on the company’s X platform, the attackers used sophisticated money laundering methods, carrying out complex cross-chain fund transfers weeks before the attack.

According to Chainalysis data, wallets linked to the attack have been moving funds between Monero, Hyperliquid, and THORChain since late April. It appears the attackers’ wallets deposited funds into positions on Hyperliquid via Hyperliquid and Monero privacy bridges, then converted these assets to USDC and transferred them to the Arbitrum network. Subsequently, some of the funds were moved to the Ethereum network and then sent to THORChain to stake RUNE for a newly joined node, which is believed to be the source of the attack.

Related News: The Next Spot ETF Jackpot in the US Will Likely Hit This Altcoin

The analysis stated that the attackers later bridged a portion of the RUNE assets back to the Ethereum network and divided them into four different connections. One of these connections went directly to the attackers, passing through an intermediary wallet and transferring 8 ETH to an address that would receive the stolen funds just 43 minutes before the attack. In the other three connections, the fund flow occurred in the opposite direction.

Chainalysis also stated that between May 14-15, the wallets in question moved their ETH assets back to the Arbitrum network, then deposited them into Hyperliquid, and finally transferred them to Monero via the same privacy bridge. The last transfer reportedly occurred less than five hours before the attack began.

The company added that as of Friday afternoon, the stolen funds had not yet been moved, but the attackers possessed sophisticated cross-chain money laundering capabilities.

*This is not investment advice.

Continue Reading: Things Turned Out to Be Much More Complicated Behind the Scenes at the Altcoin That Was Recently Hacked

SPACEX(PRE) Launchpad Is Live

Start with $100 to share 6,000 SPACEX(PRE)

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact crypto.news@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

Tags:

#Spot #ETF