Summary: On February 21, 2025, the cryptocurrency exchange Bybit was targeted in a cyberattack that resulted in the theft of 499,000 Ethereum (ETH), valued at around .4 billion. The North Korean Lazarus Group facilitated the laundering of the stolen funds, primarily converting them to Bitcoin (BTC) through cross-chain transactions and obfuscating their trail across thousands of wallet addresses. Given the scale and sophistication of the laundering process, key players like THORChain are now facing regulatory scrutiny as investigations are likely to intensify.
Affected: Bybit cryptocurrency exchange
Keypoints :
- 499,000 ETH valued at .4 billion was stolen from Bybit, primarily using the SafaWallet.
- 77% of the stolen funds remain traceable, while 20% have been anonymized, and 3% have been frozen.
- THORChain profited from transaction fees during the laundering process, attracting potential regulatory scrutiny.
- Over 11,000 wallet addresses were used to disperse the stolen assets, complicating tracking efforts.
- U.S. law enforcement, including the FBI, is expected to investigate the incident and THORChainβs involvement.