Gravity Bridge Hacker Moves Another $2.1 Million in Stolen ETH to Tornado Cash

The hacker responsible for the Gravity Bridge exploit has transferred an additional 1,180 $ETH, valued at approximately $2.06 million, to the cryptocurrency mixing service Tornado Cash, according to blockchain security firm CertiK. This latest transaction brings the total amount of stolen funds sent through the mixer to 2,020 $ETH.

Details of the Latest Transactions

CertiK reported that the funds were moved through two externally owned accounts (EOAs) in a series of transactions over the past 24 hours. The total stolen during the initial exploit was 2,600 $ETH, worth roughly $5.4 million at the time of the hack. Of that amount, the majority has now been routed through Tornado Cash, a protocol designed to obscure transaction trails on the Ethereum blockchain.

The remaining stolen assets have been distributed across multiple centralized exchanges (CEXs), according to the security firm’s on-chain analysis. This pattern of moving funds through mixers and exchanges is a common tactic used by hackers to launder illicit proceeds and evade law enforcement.

Background on the Gravity Bridge Exploit

The Gravity Bridge hack, which occurred in mid-2024, exploited a vulnerability in the cross-chain bridge protocol. The attacker drained over 2,600 $ETH from the bridge’s smart contract, prompting an immediate investigation by CertiK and other blockchain forensics teams. The incident highlighted ongoing security risks associated with cross-chain infrastructure, which remains a frequent target for attackers due to the complexity of inter-blockchain communication.

Why This Matters for the Crypto Ecosystem

The continued movement of stolen funds through Tornado Cash underscores persistent challenges in blockchain security and regulatory enforcement. Despite sanctions imposed by the U.S. Treasury Department on the mixer in 2022, the protocol remains operational and continues to be used for laundering stolen cryptocurrency. This case also illustrates the difficulty of recovering assets once they enter mixing services, as transaction histories become nearly impossible to trace.

For users and investors, the Gravity Bridge incident serves as a reminder of the risks associated with cross-chain protocols and the importance of thorough smart contract audits. It also highlights the ongoing cat-and-mouse dynamic between blockchain security firms and malicious actors.

Conclusion

The Gravity Bridge hacker’s latest move to funnel over $2 million in stolen $ETH through Tornado Cash brings the total laundered through the mixer to more than 2,000 $ETH. With the remaining funds scattered across exchanges, the case remains active, and CertiK continues to monitor the wallets involved. The incident reinforces the need for stronger security measures in cross-chain protocols and the ongoing challenge of tracing and recovering stolen digital assets.

FAQs

Q1: What is Tornado Cash and why do hackers use it?Tornado Cash is a decentralized cryptocurrency mixer that breaks the on-chain link between a sender and receiver by pooling funds from multiple users. Hackers use it to obscure the trail of stolen assets, making it difficult for investigators to trace the funds.

Q2: How much was stolen in the Gravity Bridge hack?The attacker stole 2,600 $ETH, which was valued at approximately $5.4 million at the time of the exploit. The funds have since been moved through mixers and exchanges.

Q3: Can the stolen funds be recovered?Recovery is extremely challenging once funds enter a mixer like Tornado Cash, as the transaction history is intentionally obfuscated. However, blockchain security firms like CertiK continue to monitor the wallets and may provide intelligence to law enforcement if any funds resurface on exchanges.