THORSwap, a multichain decentralized exchange (DEX) that runs on the cross-chain liquidity protocol THORchain, is under “maintenance mode” to prevent further illicit movement of funds on the platform.
THORSwap entering maintenance mode
On Oct. 6, THORSwap said it would temporarily transition into maintenance mode amid concerns of bad actors moving illicit funds through the platform.
The DEX will remain in maintenance mode until it can work out a “more permanent and robust solution” to ensure the platform’s security and integrity.
Meanwhile, other services including staking, borrowing, staking, and lending continue to be operational.
“Yesterday, following a careful evaluation of the situation and consultation with advisors, legal counsel, and law enforcement, the decision was made to temporarily transition the THORSwap interface into maintenance mode. This action was taken to swiftly curtail any further potential illicit activity.”
THORSwap on X
The latest development comes shortly after on-chain analyst Lookonchain revealed that the FTX hacker moved a total of $38 million worth of Ethereum (ETH) over the weekend, primarily using Railgun and THORChain, with the hacker making their first transfer move on Sep. 30.
Recently, Metamask developer Taylor alleged that Russian and North Korean hackers favored THORChain for their operations. He claimed that over 50% of Ethereum (ETH) to Bitcoin (BTC) transfers via the THORSwap router are stolen funds.
Meanwhile, THORSwap’s decision to disable swaps could be a preemptive action to prevent being sanctioned.
In August 2022, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Tornado Cash, claiming that the crypto mixer facilitated the transaction of stolen crypto, including $455 million worth of crypto stolen by the North Korean hackers Lazarus Group.
Tornado Cash developer Roman Storm recently pleaded not guilty to charges leveled against him and other co-founders Roman Semenov and Alexey Prestev, alleging that they helped criminals launder over $1 billion in stolen crypto funds.
$7 billion in illicit crypto laundered through cross-chain
A recent report by blockchain analytics firm Elliptic revealed that rogue actors have laundered $7 billion worth of ill-gotten crypto assets through cross-chain and cross-asset services as of July 2023.
Elliptic notes that the surge in cross-chain crime, surpasses previous estimates.
The rise is attributed to the availability of diverse cryptocurrencies offering anonymity, stability, and criminals exploiting gaps in know-your-customer (KYC) procedures.
Enforcement actions against non-compliant exchanges led bad actors to shift to cross-chain protocols.
The report highlighted Lazarus Group as the primary launderer, channeling almost $1 billion in stolen funds.
“The Lazarus Group — a North Korean cyberhacking organization — is singularly the largest source of all illicit funds laundered through cross-chain bridges and the third the largest source of all cross-chain crime overall, having laundered over $900 million through cross-chain methods.”
Excerpt from Elliptic report
