Largely suspected Lazarus Group funnels stolen $1.5B from Bybit exchange via THORChain decentralized exchange.
In a recent cybersecurity incident, the Bybit cryptocurrency exchange suffered a significant loss of funds, with the stolen assets primarily being processed through the decentralized cross-chain liquidity protocol, THORChain.
According to blockchain analytics firms and security researchers, a total of 361,255 Ether (ETH), equivalent to $900 million, has been processed through THORChain in relation to the Bybit hack. This amount represents 72% of the stolen funds, with 77% remaining traceable, 20% unaccounted for, and 3% frozen.
The laundered funds were primarily transferred into Bitcoin (BTC) from ETH. Notably, 40,233 ETH, valued at $100 million (8%), was moved through the OKX Web3 proxy. Meanwhile, 16,680 ETH from the OKX transaction remains traceable, while 23,553 ETH ($65 million or ~5%) is currently untraceable.
The North Korean-affiliated Lazarus Group has been identified as the main suspect behind the Bybit hack. This allegation adds to the growing concerns about the involvement of illicit activities in the crypto world. Despite surpassing $5 million in revenue, the THORChain protocol has come under scrutiny for its role in processing these transactions.
Bybit Co-founder and CEO, Ben Zhou, confirmed that the hackers utilized THORChain to convert ETH into BTC following the breach. In response, Bybit has introduced a tracking website to monitor the movement of its stolen funds and is offering a bounty to those who assist in freezing them.
Eleven entities have assisted Bybit in freezing the stolen funds, with Mantle, Paraswap, and ZachXBT playing key roles. However, one-eXch, a no-KYC swap service, has refused to freeze assets connected to the hack.
On February 28, a developer known as "Pluto" resigned after a decision to block transactions linked to North Korean hackers was overturned. This incident sparked controversy within the crypto community, with supporters of THORChain arguing that, as an open-source and decentralized protocol, it operates independently and does not function as a law enforcement entity.
So far, the platform has identified seven exchanges cooperating in the effort. A total of $2,178,797 USDT has been distributed to 11 bounty hunters for their contributions. Crypto commentator Yogi alleged that THORChain played a role in laundering $605 million linked to North Korea on March 4.
Amidst these developments, THORChain continues to process high volumes of transactions, with over $5.5 billion in transaction volume following the Bybit hack. The incident serves as a reminder of the need for increased vigilance and cooperation within the crypto community to combat illicit activities.
Read also:
- Expanded Criticism of Human Rights Protections - Specialists Criticize Russia's Intensified Crackdown on Virtual Private Networks and Encrypted Applications
- Cyber Attack Nets $14 Million from WOO X Across Four Different Blockchains
- Auto industry giants Fescaro and TUV Nord team up for cybersecurity certification in automobiles
- Nigerian Securities and Exchange Commission (SEC) teams up with Chainalysis to combat cryptocurrency fraud activities
