Hackers responsible for the Bybit hack are continuing to move stolen Ethereum, despite efforts from US authorities to stop them. On March 1, the hackers laundered 62,200 ETH, worth around $138 million, leaving only 156,500 ETH still unmoved.
Source: EmberCN
Most Stolen Funds Already Laundered
Crypto analyst EmberCN reported that 343,000 ETH out of the 499,000 ETH stolen in the $1.4 billion Bybit hack has now been transferred. This means nearly 69% of the stolen funds have been laundered, up from 54% on February 28. At this pace, the remaining funds are expected to be moved within the next three days.
The hackers are believed to be linked to North Korea’s Lazarus Group, a notorious cybercrime organization that has stolen billions from crypto projects over the years.
Legislators are attempting to block stolen crypto.
New: How to prevent being hacked like Bybit
— Markus Perdrizat (@maol) March 3, 2025
A bit more than a week ago, Bybit was hacked for almost $1.5bn: Hackers steal $1.5bn from crypto exchange in ‘biggest digital heist ever’ (h …https://t.co/GJdt4sT6fw pic.twitter.com/DjywzaBt9I
The FBI is doing its part to prevent any transactions related to the hackers. They have identified 51 Ethereum wallet addresses associated with the Bybit exploiters and are instructing crypto exchanges, blockchain bridges, and node operators to prevent transactions from those addresses from processing.
Furthermore, blockchain security company Elliptic has found more than 11,000 wallet addresses likely belonging to the hackers, suggesting the attackers are drawing on a large pool of wallets in order to launder stolen money.
How Hackers Are Laundering the Funds
The hackers have been evading security by utilizing decentralized exchanges (DEXs), cross-chain bridges, and instant swap services that do not involve the Know Your Customer (KYC) verification.
The hackers have been exchanging the stolen ETH with Bitcoin, Dai stablecoin, and other tokens to make the tracking more difficult, Chainalysis, a blockchain forensic company, has reported.
The hackers have been using THORChain, a system that lets people swap different cryptocurrencies without going through a bank or company.Since there are no identity checks, cybercriminals like using it to hide where stolen money comes from.
THORChain Under Fire for Enabling Transactions
Developers behind THORChain have faced heavy criticism for allowing the hackers to move stolen crypto. So, there was this plan to freeze North Korean hacker transactions, after get rejected by the community, and one of the lead developers, this dude “Pluto,” just left in protest.
THORChain founder John-Paul Thorbjornsen responded to the scandal by stating that he’s no longer involved in the project. He also pointed out that none of the sanctioned wallet addresses listed by the FBI have interacted directly with THORChain.
Largest Crypto Hack in History
The Bybit hack is now the biggest crypto hack in history, stealing more than twice the amount lost in the $650 million Ronin Bridge hack in 2022.The hackers used advanced tricks to break into Bybit’s security and steal $1.4 billion worth of Ethereum (ETH).This shows how risky the crypto industry has become, especially with North Korean hackers still attacking crypto exchanges and DeFi platforms.
Since most of the stolen money has already been moved, authorities are rushing to stop the rest from being laundered before it disappears completely.
, with 69% of stolen funds already moved. Linked to North Korea’s Lazarus Group, they use DEXs and THORChain to evade authorities. The FBI and crypto firms race to stop further laundering.){kind=link}