21-3-2025 – Bybit’s chief executive Ben Zhou has unveiled fresh intelligence regarding February’s mammoth digital heist. Speaking yesterday, Zhou revealed that investigators can still monitor nearly 89% of the purloined assets, valued at approximately $1.4 billion.
The cryptocurrency exchange’s recovery efforts have yielded promising results, with roughly 3.5% of the stolen funds successfully frozen. However, concerns linger as 7.6% of the assets have vanished from tracking systems, highlighting the sophisticated nature of the perpetrators’ evasion tactics.
3.20.25 Executive Summary on Hacked Funds:
Hacker started to use mixers: 1. Wasbi 2. CryptoMixer 3. Railgun 4. TornadoCash
Total hacked funds of USD 1.4bn around 500k ETH. 88.87% remain traceable, 7.59% have gone dark, 3.54% have been frozen.
Breakdown: – 86.29% (440,091 ETH,…— Ben Zhou (@benbybit) March 20, 2025
North Korea’s notorious Lazarus Group has emerged as the prime suspect, according to findings from leading blockchain intelligence firm Arkham Intelligence. The group’s methodology proved remarkably efficient, with security analysts noting their unprecedented speed in processing the ill-gotten gains through THORChain’s decentralised protocol.
In a fascinating display of digital sleight of hand, the attackers converted the majority of the stolen Ethereum—roughly 440,091 ETH worth $1.23 billion—into Bitcoin. These funds were subsequently dispersed across more than 9,000 digital wallets, employing various mixing services including Wasabi and Tornado Cash to obscure their trail.
The cryptocurrency community has mounted an impressive collaborative response, with twelve organisations joining forces in the recovery effort. Notably, blockchain investigator ZachXBT has partnered with Mantle and Paraswap in this unprecedented initiative. Bybit has sweetened the pot by offering a 10% bounty for successful fund recovery, already disbursing $2.2 million USDT to vigilant blockchain sleuths.
This incident echoes previous successful recovery operations within the cryptocurrency sector. Last year’s Jump Crypto triumph saw the retrieval of $140 million from the Wormhole protocol breach, whilst American authorities successfully recovered $2.6 million linked to earlier Lazarus Group infractions.
More alarmingly, United Nations investigators have established that approximately 40% of such stolen cryptocurrency typically finances North Korea’s weapons development programmes. This revelation prompted the FBI to issue a stern warning about the group’s evolving cyber tactics last autumn.
