Bybit Tracks 68.57% of $1.4 Billion Hacked Funds
Bybit, a prominent cryptocurrency exchange, recently disclosed that a significant portion of the funds stolen in the $1.4 billion hack by North Korea's Lazarus Group remains traceable. According to Bybit CEO Ben Zhou, of the roughly 500,000 ETH stolen, approximately 68.57% can still be tracked. This revelation comes despite the hackers' efforts to obscure their tracks using various mixing services.
Zhou provided a detailed breakdown of the stolen funds, indicating that 27.59% have "gone dark," meaning their whereabouts are unknown, while 3.84% have been successfully frozen with the assistance of other exchanges. The untraceable funds were primarily funneled through mixers and then transferred to peer-to-peer (P2P) and over-the-counter (OTC) platforms via bridges.
The FBI has linked the theft to the Lazarus Group, which is known for its sophisticated hacking techniques. The group employed a variety of coin mixers, including Wasabi Mixer, CryptoMixer, Tornado Cash, and Railgun, before transferring the funds through cross-chain platforms like Thorchain and Stargate. Zhou noted that a substantial amount of the stolen ETH, approximately 432,748 ETH or 84.45%, was converted into Bitcoin using Thorchain, with 67.25% of this amount distributed across over 35,000 wallets.
As of the latest update, 5,991 ETH, valued at around $16.77 million, remains on the Ethereum blockchain, scattered across 12,490 wallets with an average of 0.48 ETH each. On the Bitcoin side, 944 BTC, valued at $90.6 million, has been funneled through Wasabi Mixer alone. Additionally, 531 BTC, equivalent to around 18,206 ETH or 3.57% of the stolen assets, has been bridged back to Ethereum via Thorchain.
Many of the assets ultimately landed on OTC desks and peer-to-peer fiat exchanges, highlighting the complexity of the money laundering efforts. Bybit's Lazarus Bounty program, launched shortly after the hack, has received 5,443 reports in the past 60 days, with 70 of these reports validated as legitimate tips. Zhou emphasized the need for continued support from bounty hunters, stating that more reports are welcome as the exchange works to recover the stolen funds.
In the initial executive summary released last month, Zhou expressed concerns that Lazarus had already funneled 193 BTC through Wasabi at the time and noted that the stolen ETH was being laundered through multiple layers to make recovery more difficult. He warned that mixer activity would likely intensify as more funds attempt to exit the blockchain, making the recovery process even more challenging.
eXch, a privacy-focused crypto exchange, announced that it will shut down operations on May 1 in response to allegations that it facilitated laundering efforts by North Korea’s Lazarus Group. In an email, the exchange acknowledged that it had processed a minor part of the stolen Ethereum laundered through multiple centralized and decentralized services.
