Bybit CEO confirms that $280M of the stolen $1.4B is no longer traceable
- Bybit CEO has said that 20% of the $1.4 billion stolen from the exchange is untraceable
- Hackers converted $1 billion in ETH to BTC via THORChain and spread it
- So far, 11 bounty hunters have assisted in freezing $42 million of the stolen funds
In a stunning update, Bybit CEO Ben Zhou has revealed that $280 million of the $1.4 billion stolen from the cryptocurrency exchange in the February hack has vanished into untraceable channels.
3.4.25 Executive Summary on Hacked Funds:
Total hacked funds of USD 1.4bn around 500k ETH, 77% are still traceable, 20% has gone dark, 3% have been frozen.
Breakdown:
83% (417,348 ETH, ~$1B) have been converted into BTC with 6,954 wallets (Average 1.71 btc each) . This andBen Zhou (@benbybit) March 4, 2025
The security breach, attributed to the North Korean hacking group Lazarus, saw approximately 500,000 Ether (ETH) pilfered from Bybits reserves. While the majority of the funds remains visible on the blockchain, Zhous announcement underscores the challenges facing investigators as they race against time to freeze the assets before the hackers fully cash out.
The attack exploited vulnerabilities in SafeWallet, a third-party wallet platform used by Bybit. Lazarus hackers compromised a developers device, injecting malicious code that allowed them to siphon off nearly $1.5 billion in ETH during a routine transfer.
Despite Bybits swift action to restore 1:1 backing of client assets within days, the hackers have been relentlessly moving the stolen funds across multiple platforms, complicating recovery efforts.
Hackers leveraged THORChain to fragment funds
A significant portion of the stolen Ether417,348 ETH valued at around $1 billionhas been converted into Bitcoin (BTC) and scattered across 6,954 wallets, each holding an average of 1.71 BTC.
Zhou noted that 72% of the haul, or 361,255 ETH worth $900 million, was funneled through THORChain, a decentralized exchange known for its privacy features.
THORChain alone processed a record $4.66 billion in swaps in the week ending March 2, raking in over $5.5 million in fees from these illicit transactions. This fragmentation and conversion strategy has made tracking the funds increasingly difficult for blockchain forensic teams.
Meanwhile, 20% of the stolen assetsapproximately 79,655 ETHhave gone dark, meaning theyve been laundered through platforms like ExCH and rendered untraceable.
Zhou highlighted that an additional 40,233 ETH, worth $100 million, passed through OKXs Web3 Proxy. Of this, 23,553 ETH ($65 million) remains untraceable without further cooperation from the OKX Wallet team, while 16,680 ETH is still within reach of investigators.
The CEO stressed that the next one to two weeks are pivotal as the hackers prepare to offload their haul via exchanges, over-the-counter (OTC) trading desks, and peer-to-peer (P2P) networks.
Bybit has enlisted bounty hunters amid freezing efforts
In a bid to thwart the hackers, Bybit has enlisted the help of bounty hunters and security firms.
Zhou reported that 11 partiesincluding prominent players like Mantle, Paraswap, and blockchain sleuth ZachXBThave assisted in freezing $42 million, or 3% of the stolen funds.
So far, Bybit has paid out $2.178 million in USDT to these contributors as part of its recovery efforts, with more details available at Lazarusbounty.com. The exchange also partnered with Web3 security firm ZeroShadow on February 25 to enhance its blockchain forensics and maximize asset recovery.
Despite these efforts, the hackers show no signs of slowing down. Blockchain analytics firm Elliptic has identified over 11,000 wallets linked to the Lazarus group, suggesting a sprawling network designed to obscure their tracks.
Free Real-time Bybit Exploit Data
Elliptic has launched a free data feed of illicit addresses linked to the Bybit exploit.
Why it matters:
Minimize exposure to sanctions
Stop laundering of stolen funds
Strengthen crypto securityAccess via CSV or API pic.twitter.com/U9Qa2tc8Zz
Elliptic (@elliptic) February 25, 2025
Zhou indicated that an additional $65 million in ETH could be salvaged with OKXs support, but time is running out as the attackers continue laundering operations through platforms like ExCH and OKX Web3 Proxy.
The post Bybit CEO confirms that $280M of the stolen $1.4B is no longer traceable appeared first on CoinJournal.
Read more: https://coinjournal.net/news/bybit-ceo-confirms-that-280m-of-the-stolen-1-4b-is-no-longer-traceable/
Text source: CoinJournal: Home
