Details of the hacking incident against the decentralized finance (DeFi) protocol Unizen were revealed by blockchain security firm PeckShield on August 7.

According to PeckShield’s determination, the address involved in the hacking incident transferred funds worth 865.4 Ether (ETH), approximately $2.16 million, to Tornado Cash. This was noted as the first time stolen funds were moved.

Unizen promised to refund users who lost up to $750,000 during the hacking incident.

It was announced that refunds would start as of March 11. However, on August 7, the stolen funds were seen leaving the hacker wallet for the first time.

This development raised concerns about the effectiveness of Unizen’s security measures and tracking of stolen funds.

The hacker’s movement of funds began at 04:12 UTC on August 7. 500,000 DAI (Maker Protocol’s stablecoin) were sent in this hour. Subsequently, a transfer of 1,679,859 DAI was made and these funds were transferred to an unknown wallet (0x8660…84d7).

These transfers show that the hacker is quickly moving funds from one place to another, increasing the risk of possible traces being lost in the process.

As of 04:14 UTC, the hacker began converting 2,179,859 DAI into 863.67 ETH. The process of sending ETH to Tornado Cash started at 05:35 UTC and was carried out in 26 separate transactions.

These transactions reveal that the hacker is trying to hide the stolen funds through various steps and make the money disappear.

Unizen announced that after the hacking incident, CEO Sean Noga transferred funds to the company to repay the lost funds. In the statement made on March 11, it was stated that refunds would be made in Tether or Circle USD.

However, for users affected by losses of more than $750,000, the DeFi protocol would evaluate each case on a case-by-case basis.

Following the exploit incident in March, Unizen’s chief technology officer Martin Granström announced that the company was cooperating with third-party security firms and law enforcement to detect the hacker.

Granström stated that the company plans to share an incident report and increase security measures in the future.

These developments reveal the seriousness of security vulnerabilities in the cryptocurrency industry and the measures that need to be taken to minimize the effects of such events.

This situation, which emerged after Unizen’s hacking incident, contains important lessons for both Unizen and other DeFi protocols.

The need for stricter controls on security measures and fund management is considered a critical step to prevent such incidents from recurring.