Ethereum Whale Multisig Drained for $27.3M; Attacker Launders 4,100 ETH via Tornado Cash

An Ethereum multisignature wallet controlled by a whale was compromised after a private key leak and drained for an estimated $27.3M. Security firm PeckShield and on‑chain investigators reported the attacker set themself as the sole signer on a 1-of-1 multisig (created April 11, 2025), enabling full control. The attacker moved roughly 4,100 ETH (~$12.6M) through Tornado Cash in repeated 100 ETH transfers, retaining about $2M in liquid assets and various tokens (WETH, OKB, TWT, LEO, FET, NEXO). Investigators warn the private key may have leaked during setup or via malicious assistance; linked positions could raise total losses toward ~$38M. The victim’s multisig still holds a leveraged Aave long: ~25,000 ETH supplied as collateral against about $12.3M DAI borrowed, with a health factor near 1.68 — vulnerable to sharp ETH price drops that could trigger liquidations. Trading implications: expect potential short-term downside pressure on ETH from laundering and possible sell-offs of remaining stolen balances, and heightened liquidation risk that could amplify dumps. Traders should monitor on-chain flows, Tornado Cash addresses, the multisig’s Aave health factor, and inflows to centralized exchanges for signals of further cash-out or forced selling.