21-4-2025 – In a sophisticated cyber-heist orchestrated by the North Korea-affiliated Lazarus Group, the cryptocurrency exchange Bybit suffered a staggering $1.4 billion loss, with nearly 28% of the pilfered funds now shrouded in obscurity, according to Ben Zhou, the platform’s chief executive. Speaking via a detailed executive summary shared on X, Zhou revealed that the February breach saw hackers seize control of Bybit’s ETH cold wallet, siphoning off 500,000 ether (ETH) to an unidentified address.
The trail of the stolen assets, as outlined by Zhou, paints a complex picture of digital subterfuge. Forensics indicate that 68.57% of the looted funds remain traceable, while 3.84% have been successfully frozen. However, the untraceable portion—equating to 27.59% of the haul—has been funneled through a labyrinth of crypto mixers, including Wasabi, Railgun, Tornado Cash, and CryptoMixer. These tools, designed to obfuscate transaction histories, have rendered a significant chunk of the funds near-impossible to track. From there, the assets were shuttled via bridges to peer-to-peer (P2P) and over-the-counter (OTC) platforms, further muddying the waters.
Zhou’s report also highlighted the hackers’ use of cross-chain swaps to launder the funds, with platforms such as Thorchain, eXch, Lombard, LiFi, Stargate, and SunSwap facilitating the conversion of illicit assets into more liquid forms. Notably, 84.45% of the stolen ETH—amounting to 432,748 ETH—has been swapped into bitcoin via Thorchain. Of this, 342,975 ETH, valued at approximately $960.33 million, now exists as 10,003 BTC, dispersed across 35,772 wallets, each holding an average of 0.28 BTC. Meanwhile, a smaller fraction, 5,991 ETH (worth roughly $16.77 million), lingers on the Ethereum blockchain, spread across 12,490 wallets.
In response to the breach, Bybit has rallied support through its Lazarus Bounty initiative, which has garnered 5,443 reports in just two months, though only 70 have proven actionable. Zhou issued a call to arms for skilled “bounty hunters” capable of unravelling the intricacies of crypto mixers, underscoring the urgent need for expertise to trace the vanished funds.
