A hacker who seized control of a compromised multisignature wallet has withdrawn an additional 1,000 ETH from decentralized lending protocol Aave and laundered the funds via Tornado Cash, bringing the total amount funneled through the privacy mixer to 6,300 ETH, according to blockchain security firm PeckShield.
The latest withdrawal came from an open position on Aave, where the hacker continues to control a leveraged ETH long.
On Tuesday, PeckShield said on X that the attacker has now laundered roughly $19.4 million worth of ether from the wallet, part of a broader exploit that drained approximately $27.3 million in assets in December after the multisig’s private keys were compromised.
The compromised wallet, a Gnosis Safe multisignature address identified as “0x1fC…d23Ac“, is not affiliated with Aave itself and appears to belong to a private whale. Blockchain data cited by PeckShield shows the attacker still maintains a $9.75 million leveraged long position involving roughly $20.5 million in ether supplied against about $10.7 million in borrowed DAI, leaving the position solvent but increasingly exposed if market conditions shift.
PeckShield first publicly flagged the incident on Dec. 18. At the time, about 4,100 ETH had already been routed through Tornado Cash, with the attacker retaining control of the wallet and its open Aave position.
Privacy tools like Tornado Cash are commonly used in crypto exploits to break onchain transaction trails and complicate recovery efforts.
Rather than closing the position outright, the hacker has since been unwinding it gradually, withdrawing collateral in stages and laundering the proceeds while keeping the borrow open to avoid triggering liquidation.
The approach appears to be a slow-drain tactic used to maximize extraction while minimizing the risk of forced liquidation in DeFi protocols.
The identity of the victim has not been disclosed, and no protocol treasuries have been linked to the wallet. Activity associated with the address can be tracked publicly on Etherscan, which shows ongoing interactions with Aave contracts and Tornado Cash deposits.
Also, no recovery effort has been widely announced, and the long-term outcome of the leveraged position remains uncertain.
The ongoing laundering extends the fallout from a year marked by major crypto security breaches.
In 2025, the 10 largest hacks resulted in an estimated $2.2 billion in losses across centralized exchanges, DeFi protocols, and infrastructure providers, according to Chainalysis, with this multisig incident falling below the year’s biggest cases, including Bybit and GMX.
© 2025 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Trade Crypto On Coinhub Exchange
Trade Crypto On Coinhub Exchange
Stay ahead of the market by turning news insights into trading opportunities. With Coinhub Exchange, you can seamlessly buy, sell, and manage your digital assets, all in one secure platform. Take advantage of real-time market insights, deep liquidity, and fast execution for your favorite cryptocurrencies. Don’t just read about it — trade crypto now!
Disclaimer
The content of this article shown by Coinhub News, powered by The Block, is for informational purposes only and should not be construed as financial, legal, tax, or investment advice. Coinhub News and its affiliates are not a licensed financial advisor, legal advisor, broker, or tax advisor, and ... should not be considered as professional advice or a recommendation to engage in any specific investment, legal decision, or financial transaction. Cryptocurrency markets are highly speculative and volatile. Readers should perform their own independent research and consult with a qualified professional before making any financial or legal decisions. The opinions expressed in this article are those of the author and do not necessarily represent the views or opinions of the Company of its affiliates. Additionally, the Company does not make any representations or warranties regarding the accuracy, timeliness, reliability, or completeness of any information in this article. By accessing this content, you acknowledge that any reliance on the information contained in this article is solely at your own risk. The Company is not responsible for any financial losses, legal disputes, or other damages that may arise from reliance on this content or from any investment or legal decisions based on the information provided. Investing in cryptocurrencies involves substantial risks, including the risk of losing your entire investment, and you should carefully consider whether it is appropriate for your circumstances.
Read more
