icon
icon
icon
Aime
Products
News
Market
Portfolio
icon
Download
Upgrade
Upgrade

News /

Articles /

Articles Details

"Bybit's $1.4B Crypto Heist: Lazarus Strikes, 77% Traceable"

Coin WorldTuesday, Mar 4, 2025 4:26 am ET
1min read
ETH --

Bybit Exchange, a leading cryptocurrency trading platform, has reported a significant security breach involving the theft and laundering of approximately $1.4 billion in digital assets. The incident, which occurred in February 2025, resulted in the loss of around 499,000 Ethereum tokens.

Investigations have revealed that the North Korean hacker group, Lazarus, was behind the attack. The group successfully laundered the entire amount within just 10 days of the theft, demonstrating their sophisticated understanding of cryptocurrency markets and their ability to exploit vulnerabilities in exchange platforms.

Bybit CEO Ben Zhou provided an update on the current status of the stolen funds. According to Zhou, 77% of the assets remain traceable, while 20% have "gone dark" and become untraceable. Additionally, 3% of the stolen funds have been frozen, representing a significant step towards recovery.

The hackers primarily used THORChain, a decentralized cross-chain liquidity protocol, to convert the stolen Ethereum to Bitcoin. THORChain processed $605 million in transactions during a single 24-hour period, demonstrating the scale and speed of the laundering operation. The platform collected $5.5 million in fees from these transactions, highlighting the financial incentives for participants in such illicit activities.

THORChain faced criticism from the cryptocurrency community for its role in the laundering operation. A core contributor named Pluto resigned after other validators rejected a proposal to halt Ethereum transactions, indicating the tension and disagreement within the community regarding the platform's involvement in the incident.

The hackers converted 83% of the stolen funds into Bitcoin, distributing these assets across 6,954 different cryptocurrency wallets. THORChain processed 72% of the laundered funds, equivalent to $900 million, while the remaining funds moved through other platforms. About 16% of the assets became untraceable after passing through ExCH, and the OKX Web3 Proxy handled another 8% of the stolen funds, worth approximately $100 million.

Investigators have managed to freeze 3% of the stolen assets, amounting to roughly $42 million in recovered funds. Bybit launched a website called Lazarusbounty.com to track the stolen funds and offers rewards to exchanges that help

Disclaimer: the above is a summary showing certain market information. AInvest is not responsible for any data errors, omissions or other information that may be displayed incorrectly as the data is derived from a third party source. Communications displaying market prices, data and other information available in this post are meant for informational purposes only and are not intended as an offer or solicitation for the purchase or sale of any security. Please do your own research when investing. All investments involve risk and the past performance of a security, or financial product does not guarantee future results or returns. Keep in mind that while diversification may help spread risk, it does not assure a profit, or protect against loss in a down market.