Private key leak: $2.3M USDT stolen, swapped to 757.6 ETH and laundered via Tornado Cash

Published: 2025-12-23 10:57:11 |

Two wallets suffered a private key compromise that allowed an attacker to steal about $2.3 million in USDT. PeckShield traced funds from wallets 0xaac6…508 (≈$1.8M) and 0x1209…e9C (≈$506K) into an attacker-controlled address (0x530…). The attacker swapped the consolidated USDT into 757.6 ETH and routed the ETH through Tornado Cash to obscure the on-chain trail. The later report places the breach in the context of a string of recent private-key and phishing incidents — including a $50M address-poisoning phishing loss reported by CertiK and a $27.3M multi-sig drain — highlighting rising on-chain security risks. Practical protections recommended: never share private keys or recovery phrases, use hardware wallets, verify addresses before signing, and for organisations implement robust secrets management, access limits, key rotation, and employee anti-phishing training. Primary keywords: USDT hack, private key leak, Tornado Cash, ETH laundering; secondary keywords: wallet compromise, on-chain analytics, custody controls.

Bearish

The incident is likely bearish for ETH in the short term because the attacker converted a large USDT holding into 757.6 ETH and routed it through a mixer, increasing the immediate sell pressure and uncertainty around those ETH flows. Traders may react by reducing exposure to ETH until the on-chain movements and any exchange deposits are clarified. For USDT itself the impact is limited — USDT’s peg and liquidity are unlikely to be affected by a single-issuer wallet compromise — but repeated private-key breaches undermine market confidence in custody practices and can increase volatility in related pairs. In the longer term the market impact is likely muted: cleaner forensic tracing, potential sanctions on tainted funds, and standard countermeasures (exchanges blacklisting mixer-linked deposits) usually contain lasting damage. However, frequent high-value private-key compromises reinforce risk premiums for counterparty and custody risk, keeping downward pressure on risk assets until security best practices are more widely adopted.