I was browsing through the "Crypto Tracing Handbook" and I found this,
Case 2: Wasabi Coinjoin Analysis(1) Background
A whale’s wallet private key was leaked and the funds were stolen, with the stolen assets moved into Wasabi CoinJoin. The affected user sought assistance from the MistTrack team. MistTrack conducted withdrawal analysis on the stolen funds mixed into Wasabi CoinJoin, successfully tracking and recovering the flow of the funds. Subsequently, the hacker attempted cross-chain transfers. MistTrack identified historical traces of the hacker’s addresses moving funds to exchanges and assisted law enforcement in contacting the exchanges to request evidence and apply risk controls on the relevant accounts. Later, as the hacker further transferred stolen funds to exchange-related accounts, part of the stolen funds was successfully frozen.
https://github.com/slowmist/Crypto-Asset-Tracing-Handbook/blob/main/README_EN.md#case-2-wasabi-coinjoin-analysis This post is not a criticism towards Wasabi, I merely want to know what more the hacker could have done to make his/her transactions more untraceable. If he used the Lightning Network as another "layer of privacy", would SlowMist entirely have no way of knowing what addresses those UTXOs went once they enter LN?