Tornado Cash Phishing Attack

Challenge: Identify the Phishing Indicators

Educational Purpose Only - Phishing Simulation

Scenario Description

You are a hacker who has just exploited a DeFi protocol and stolen 2930 ETH. To cover your tracks, you decide to use Tornado Cash to mix the funds. You search for "Tornado Cash" and click on a link that appears to be the official website.

Warning: This is an educational phishing simulation. Do not use these techniques in real-world scenarios.

TornadoEth.cash

Your Deposit Note

Contract Address

Please verify if the contract address belongs to the official Tornado Cash

Recipient AddressAddress where funds will be sent

Statistics 100 ETH

Anonymity set 3

38644 equal user deposits

Latest deposits

100 ETH

0x7ea2...f93d3h

100 ETH

0x42c1...9e5b1d

100 ETH

0xa9f7...4b122d

Your Challenge

Examine the Tornado Cash interface above carefully. Can you identify the phishing indicators that reveal this is not the legitimate Tornado Cash website?

Hint: Look for subtle differences in the domain name (TornadoEth.cash vs Tornado.cash), recipient address, and other details that might indicate this is a phishing attempt.

What are the phishing indicators you identified? (Select all that apply)

The domain name "TornadoEth.cash" appears to be a phishing domain

The pre-filled recipient address (which would send funds to the attacker)

The deposit contract address is different from the official Tornado Cash contract

The user interface has subtle differences from the official Tornado Cash website

This challenge is locked. Please complete the beginner challenge1 first.