Lazarus Group's $1.4B Bybit Heist: Money Laundering in Progress

Generated by AI Agent Coin World
Monday, Feb 24, 2025 6:32 am ET

The recent hack of prominent cryptocurrency exchange Bybit has resulted in the theft of over $1.4 billion, marking one of the largest heists in the industry's history. As the dust settles, experts are now turning their attention to the likely next steps for the stolen funds, with a focus on potential money laundering activities.

According to a recent report by Web3 security firm Elliptic, the North Korea-linked Lazarus Group is suspected to be behind the attack. The group is known for its sophisticated laundering techniques, and it appears to be following a similar pattern in this case. The hackers are currently in the "layering phase" of their laundering process, which involves dispersing the stolen funds across multiple wallets and using cross-chain bridges to shift assets between blockchains.

The initial step in the laundering process involved converting the stolen tokens into ETH, a common strategy employed by the Lazarus Group. This is because tokens have issuers who can potentially freeze wallets containing stolen assets, whereas there is no central party that can freeze Ether or Bitcoin. Within just two hours of the attack, the stolen funds were split across 50 different wallets, each holding around 10,000 ETH.

Experts believe that the next likely step will involve sending portions of the funds through crypto mixers like Tornado Cash. The Lazarus Group is well-known for using such platforms to obfuscate the origin of the funds. However, laundering such a massive sum won't be easy for the hackers, as the sheer volume of stolen assets increases the risk of detection. Large transactions are more likely to trigger alerts on exchanges and blockchain monitoring systems.
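The fan-out described above (one source paying many wallets near-equal, large amounts inside a short window) is the kind of pattern a monitoring system can flag. The following is an added example, not code from the article or from Elliptic; the record format, placeholder addresses, and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

def build_sample():
    """Constructed transfers (unix_time, sender, recipient, amount_eth).
    Addresses are placeholders, not real on-chain addresses."""
    # One source splitting into 50 wallets of ~10,000 ETH in under two hours.
    txs = [(1_000 + i * 120, "SRC_A", f"FRESH_{i:02d}", 10_000.0 + i % 3)
           for i in range(50)]
    # Exchange-like hot wallet: many recipients, widely varying amounts.
    txs += [(1_000 + i * 100, "HOT_B", f"USER_{i:02d}", 50.0 * (i + 1) ** 2)
            for i in range(60)]
    # Sender with only a few large transfers.
    txs += [(2_000 + i * 60, "SRC_C", f"OTC_{i}", 10_000.0) for i in range(3)]
    return txs

def detect_fanout(txs, window_s=7200, min_recipients=20,
                  min_amount=1_000.0, max_cv=0.05):
    """Flag senders that, within any window of window_s seconds, pay at least
    min_recipients distinct addresses large, near-equal amounts.
    max_cv bounds the coefficient of variation (stdev / mean) of the amounts."""
    by_sender = defaultdict(list)
    for ts, src, dst, amt in txs:
        if amt >= min_amount:              # ignore small transfers
            by_sender[src].append((ts, dst, amt))
    alerts = {}
    for src, rows in by_sender.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Slide the left edge until the window spans at most window_s.
            while rows[end][0] - rows[start][0] > window_s:
                start += 1
            window = rows[start:end + 1]
            recipients = {dst for _, dst, _ in window}
            if len(recipients) < min_recipients:
                continue
            amounts = [amt for _, _, amt in window]
            if pstdev(amounts) / mean(amounts) > max_cv:
                continue                   # amounts too uneven to be a split
            if src not in alerts or len(recipients) > alerts[src]["recipients"]:
                alerts[src] = {"recipients": len(recipients),
                               "total_eth": sum(amounts),
                               "span_s": window[-1][0] - window[0][0]}
    return alerts

if __name__ == "__main__":
    for sender, info in detect_fanout(build_sample()).items():
        print(sender, info)
```

The amount-uniformity check is what separates the split from the hot wallet in the sample, which also pays many recipients in the same window.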

The attack on Bybit occurred on February 21, when the attackers exploited the exchange's Ethereum multisig cold wallet during a routine transfer to the warm wallet. They manipulated the signing interface, making it display the correct wallet address while altering the underlying smart contract logic. Over $1.4 billion worth of various assets, such as Mantle Staked ETH (mETH) and other ERC-20 tokens, were siphoned off the exchange.

Independent crypto sleuth ZachXBT uncovered direct on-chain links between the Bybit hack and the recent Phemex exchange breach, both of which are suspected to be the work of the Lazarus Group. Bybit has clarified that all users affected in the
