A crypto attacker apparently took over a whale's multisig wallet minutes after it was created 44 days ago and has been regularly withdrawing and laundering funds since then.
A Thursday post by PeckShield noted that the attacker laundered about $12.6 million, or 4,100 Ether (ETH), through Tornado Cash and retained about $2 million in liquid assets while controlling a leveraged long position on Aave (AAVE).
However, the latest findings from Yehor Rudytsia, head of forensics at Hacken Extractor, suggest that the full damage could exceed $40 million and that the incident likely began much earlier, with the first signs of theft dating back to November 4th.
Rudytsia told Cointelegraph that the multisig wallet marked “compromised” may never have been meaningfully controlled by the victim. Onchain data shows that the multisig was created by the victim's account at 7:46 a.m. UTC on November 4, but ownership was transferred to the attacker just six minutes later. “It could be very likely that the theft actor created this multisig and transferred money to it, after which he immediately exchanged the owner for himself,” Rudytsia said.
Attackers launder funds in batches. Source: PeckShield
The attacker plays the long game
Once in control, the attacker appears to have acted patiently. They made Tornado Cash deposits in batches over several weeks, starting with 1,000 ETH on November 4th and continuing in smaller, staggered transactions through mid-December. According to Rudytsia, around $25 million in assets also remains on the multisig, which continues to be controlled by the attacker.
He also expressed concerns about the wallet structure. The multisig was configured as “1-of-1,” meaning only a single signature was required to approve transactions, “which conceptually will not be multisig,” Rudytsia added.
Abdelfattah Ibrahim, a decentralized application (DApp) examiner at Hacken, said multiple attack vectors remain possible. These include malware or infostealers on the signer's device, phishing attacks that trick users into approving malicious transactions, or poor operational security practices such as storing keys in plain text or using the same computer for multiple signers.
“To prevent this, signing devices would have to be isolated as cold devices and transactions would have to be verified beyond the user interface,” Ibrahim said.
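The two warning signs described above, an owner swap minutes after creation and a 1-of-1 threshold, can be checked by replaying a wallet's ownership history. The Python below is an added example, not code from the article, PeckShield or Hacken; the event and field names, the placeholder addresses and the 10-minute window are assumptions, and the sample history is constructed to mirror the timeline Rudytsia describes.

```python
from datetime import datetime, timedelta

# Added example: the article gives no year, so constructed timestamps omit it.
FMT = "%m-%d %H:%M"

# Constructed event history mirroring the article's timeline; addresses and
# event/field names are hypothetical placeholders, not real on-chain data.
SAMPLE_EVENTS = [
    {"time": "11-04 07:46", "type": "created", "owners": ["0xCREATOR"], "threshold": 1},
    {"time": "11-04 07:52", "type": "owner_swapped", "old": "0xCREATOR", "new": "0xOTHER"},
]

def audit_multisig(events, creator, window=timedelta(minutes=10)):
    """Replay ownership events in time order and return a sorted list of findings."""
    owners, threshold, created_at = set(), 0, None
    findings = set()
    for ev in sorted(events, key=lambda e: datetime.strptime(e["time"], FMT)):
        now = datetime.strptime(ev["time"], FMT)
        had_creator = creator in owners  # owner set before this event applies
        kind = ev["type"]
        if kind == "created":
            owners, threshold, created_at = set(ev["owners"]), ev["threshold"], now
        elif kind == "owner_added":
            owners.add(ev["owner"])
        elif kind == "owner_removed":
            owners.discard(ev["owner"])
        elif kind == "owner_swapped":
            owners.discard(ev["old"])
            owners.add(ev["new"])
        elif kind == "threshold_changed":
            threshold = ev["threshold"]
        # The creating account was an owner and lost that role soon after deployment.
        if had_creator and created_at and creator not in owners and now - created_at <= window:
            findings.add("creator lost ownership within window of creation")
    # Final configuration: one signature is enough to move funds.
    if threshold <= 1:
        findings.add(f"{threshold}-of-{len(owners)}: a single key approves transactions")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_multisig(SAMPLE_EVENTS, creator="0xCREATOR"):
        print("FINDING:", finding)
```

A wallet whose owner set changes days after creation and whose threshold stays above one produces no findings from these two checks.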
AI models that enable smart contract exploits
As Cointelegraph reported, a recent study by Anthropic and the Machine Learning Alignment & Theory Scholars (MATS) group found that today's leading AI models are already capable of developing real, profitable smart contract exploits.
In controlled testing, Anthropic's Claude Opus 4.5, Anthropic's Claude Sonnet 4.5, and OpenAI's GPT-5 collectively generated $4.6 million worth of exploits, demonstrating that autonomous exploitation is technically feasible with commercially available models.
In further testing, Sonnet 4.5 and GPT-5 were used against nearly 2,850 recently launched smart contracts with no known vulnerabilities. The models uncovered two previously unknown zero-day vulnerabilities and produced $3,694 worth of exploits, barely more than the $3,476 API cost required to generate them.
