Hacker Moves $757k Stolen EraLend Funds to Binance, Bybit, OKX

• The hacker behind the EraLend exploit moved $757,000 to CEXs.
• This moved fund represents 31% of the total funds stolen in the exploit.
• The hacker used multiple steps to obfuscate the trail of the funds.

In a recent update, blockchain security firm PeckShield reported that addresses associated with the exploit of EraLend have taken action across multiple networks. Specifically, addresses linked to the exploit have moved approximately 410.8 ETH, valued at around $757,000.

According to the security firm, this movement represents roughly 31% of the stolen funds. The update highlighted that the bad actors directed the stolen funds to centralized exchanges (CEXs). Notably, the exploiter-labeled addresses under observation are on the networks of  Ethereum (ETH), Optimism (OP), and Arbitrum (ARB).

For context, EraLend experienced an exploit on the zkSync network a month ago. The hacker was able to exploit a vulnerability in the protocol to withdraw cryptocurrencies amounting to approximately $2.7 million.

The fact that the hacker has transferred a significant portion of the stolen funds to CEXs suggests they plan to cash out the funds. The tweet included a flowchart depicting the stolen funds’ movement from the Eralend lending protocol to CEXs.

According to the visual representation from PeckShield, the hacker undertook multiple steps to obfuscate the trail of the funds. The first section shows how the scammer transferred the stolen funds to multiple Ethereum addresses.

Moreover, it moved the funds in and out of multiple Optimism and Arbitrum wallets. The hacker also used a mixer service to cloud the fund origin before ultimately sending it to crypto exchanges. These exchanges include Binance, Okx, Gate.io, Bybit, and more.

Meanwhile, Coin Edition recently reported that the hacker behind Curve Finance exploit had returned a significant part of the fund. Curve Finance has made a public appeal for the remainder of the fund.