Crypto Heist: Hacker Steals $29M in SUI, Exploits Tornado Cash

A recent on-chain investigation has revealed a significant security breach in the cryptocurrency world, with a hacker managing to steal $29 million worth of Sui (SUI), a rival to Solana (SOL), from a single unsuspecting victim. The theft occurred on December 12th, as discovered by on-chain sleuth ZachXBT.

The hacker exploited a vulnerability in the Sui ecosystem, bridging the stolen funds from Sui to Ethereum via Bridgers, and then depositing them to Tornado Cash in batches. The victim, upon realizing the theft, promptly transferred their.sui domains to a new, uncompromised address. However, current limitations with Sui block explorers and Sui analytics tools make it challenging to trace the stolen funds.

Tornado Cash, an Ethereum-based coin mixing system, was used by the hacker to conceal the digital assets. The controversial project was sanctioned by the US in 2022 for national security purposes. The use of Tornado Cash in this hack further highlights the importance of regulatory oversight in the cryptocurrency industry.

According to blockchain security firm PeckShield, losses from crypto hacks and scams surged in 2024. The total value loss in the crypto sector last year exceeded $3.01 billion, marking a 15% increase from the 2023 total. This figure included $2.15 billion stolen in hacks and $834.5 million looted in scams. Notably, $488.5 million worth of crypto was recovered during the same period.

While 2024 saw a significant increase in digital asset losses, it was still not as prolific as 2022, which witnessed $3.6 billion worth of value loss across the sector. This trend underscores the ongoing challenges faced by the cryptocurrency industry in ensuring the security and stability of its ecosystems.