Bybit’s hacker laundered $1.4B in 10 days via THORChain. Experts suspect Lazarus Group. Security firms still tracking stolen funds.
The hacker behind the biggest crypto theft ever just pulled off the impossible—laundering all $1.4 billion worth of stolen funds in just 10 days. The exploit, which happened on February 21, saw over 500,000 ETH vanish from Bybit. The attacker used THORChain, a decentralized exchange that allows seamless crypto swaps without centralized oversight.
Blockchain security firm Lookonchain confirmed that 499,395 ETH ($1.04B at today’s prices) has been fully laundered. The original theft was $1.4B, but due to Ethereum’s price drop from $2,839 to $2,067, the stolen funds’ value also decreased.
Experts believe North Korea’s Lazarus Group is behind the attack. South Korea even sanctioned 15 North Koreans for funding nuclear weapons through crypto hacks. Despite advanced laundering techniques, security firms think they might still track some stolen funds.
Bybit moved fast, replacing all $1.4B by February 24, assuring users that withdrawals remained unaffected. CEO Ben Zhou stated that 77% of the funds are still trackable, but over $280M is completely gone.
Crypto firms are now pushing for better security, with off-chain transaction validation emerging as a potential fix to stop future hacks before they happen.
Also Read: White House and Lawmakers Push Back Against IRS DeFi Broker Rule