According to BlockBeats, on August 15, 2024, Cyvers Alerts reported multiple suspicious transactions involving Vow detected by their system on August 13, 2024. The attacker had deployed a malicious contract 112 days prior and executed two hacking transactions on August 13, leading to the loss of 175 ETH, 595,970 USDT, and 5,801,632 VOW.
The attacker initially funded their operation through Tornado Cash and subsequently began redepositing the funds back into Tornado Cash. So far, 50 ETH has been transferred back, while the attacker still retains 402 ETH in their address.