On April 29, the Rain cryptocurrency exchange experienced a potential exploit in which approximately $14.1 million worth of various cryptocurrencies was transferred to a new wallet under suspicious circumstances. On-chain analyst ZachXBT shared this information via their Telegram channel, noting that the exploit involved suspicious outflows from Rain’s Bitcoin, Ethereum, Solana, and XRP wallets. Funds from these wallets were quickly transferred to instant exchanges, exchanged for Bitcoin and Ethereum, and then transferred to two addresses on the Bitcoin and Ethereum networks. The Ethereum address currently holds approximately 1,881 ETH, valued at $5.5 million, while the Bitcoin address holds 137.9 BTC, valued at $8.6 million.
Arkham Intelligence data reveals that the Ethereum destination address received its funds from an address ending in “d609,” which received funds from various BitGo multi-signature wallets. These wallets were involved in sending over 590 ETH, 20 billion Shiba Inu, 12,500 Chainlink, $240,000 Tether (USDT), and $500,000 USD Coin (USDC). These tokens were quickly swapped for ETH on Uniswap. Additionally, the Uniswap account received funds from a Binance hot wallet. Rain, a centralized crypto exchange based in Bahrain, primarily serves customers in Southwest Asia and the Middle East. The exchange’s “pro” version has been intermittently down since May 5. In 2023, Rain obtained approval from Abu Dhabi’s financial regulator to operate as a virtual asset brokerage and custody service provider.
ZachXBT has also made substantial allegations regarding the Lazarus Group’s involvement in crypto laundering. According to their analysis, the Lazarus Group laundered $200 million worth of cryptocurrency into fiat currency over a four-year period, with at least $44 million worth of stolen crypto being laundered through Paxful and Noones. The stolen funds were reportedly converted into Tether (USDT) stablecoin before being exchanged for cash and withdrawn, with the Lazarus Group relying on China-based over-the-counter traders for crypto-to-fiat conversions. Additionally, ZachXBT reported a phishing attack on a holder of Bored Ape Yacht Club tokens, resulting in the loss of three rare NFTs.
In the broader context of the crypto industry, investors lost $2 billion to hacks and exploits in the previous year, with an additional $333 million stolen in the first quarter of this year. These incidents highlight the ongoing risks and vulnerabilities present in the crypto space, despite advancements in security measures and regulations. As cryptocurrencies continue to gain mainstream acceptance and adoption, the need for robust security protocols and diligence in safeguarding assets becomes increasingly important to protect investors and prevent illicit activities such as laundering and theft. The interconnected nature of the crypto ecosystem also underscores the importance of collaborative efforts among stakeholders to enhance security practices and mitigate risks in the ever-evolving landscape of digital assets.