The hacker behind the $235 million exploit of cryptocurrency exchange WazirX has converted nearly $150 million of altcoins to Ether — a move likely to avoid getting funds frozen or blacklisted. 

According to blockchain analytics firm Spot On Chain, the hacker converted $90.2 million worth of Shiba Inu ( SHIB ), $10.2 million in Polygon ( MATIC ) and nearly $7.5 million in Pepe (PEPE) to Ether ( ETH ) from July 18 to 19.

The transfers have now brought the total amount of stolen funds sitting in Ether ( ETH ) to $201 million, up from $52 million initially.

WazirX hacker funnels $149M of SHIB, MATIC other altcoins into ETH image 0 Source: Spot On Chain

A myriad of reasons to convert to Ether

The hacker likely transferred the ERC-20 tokens to Ether as it is far more liquid and cannot be blacklisted, Spot On Chain told Cointelegraph.

“Some ERC20 tokens have a contract function to blacklist addresses, while ETH native token does not have such a feature.”

“Swapping to Ether quickly can help the hacker secure their funds before any preventative measures are taken by authorities or the issuers of centralized tokens,” added blockchain security firm PeckShield in comments to Cointelegraph.

A textbook example of this is stablecoin issuer Tether, which has blacklisted hundreds of wallets making suspicious transactions with USDT , Spot On Chain added.

Ether is also easier to launder through cryptocurrency exchanges and mixer protocols and its price is much more stable, said blockchain security firm Beosin.

The hack triggered a SHIB selloff, falling nearly 7% since the incident, while Ether’s price has only fallen 0.1%.

The hacker still has around $12 million worth of Chromia (CHR), Celer Network (CELR), Frontier (FRONT) and Ooki (OOKI) tokens, Spot On Chain noted in the X post.

Related: Li.Fi releases incident report following $11M hack

The Indian-based cryptocurrency exchange halted withdrawals on July 18 after the security breach resulted in nearly half of its reserves being wiped out, according to WarzirX’s June proof-of-reserves statement.

“This is a force majeure event beyond our control, but we are leaving no stone unturned to locate and recover the funds. We have already blocked a few deposits and reached out to concerned wallets for recovery,” WazirX posted to X.

Blockchain forensics firm Elliptic told Cointelegraph that specific patterns and techniques in the WazirX attack led them to believe North Korean hackers were behind the $235 million hack.

Magazine: WazirX hackers prepped 8 days before attack, swindlers fake fiat for USDT: Asia Express