North Korea’s Lazarus Group has laundered another 62,200 Ether (ETH), valued at approximately $138 million, from the February 21 Bybit hack. This latest transfer leaves only 156,500 ETH left to be moved, according to pseudonymous crypto analyst EmberCN.
Majority of Stolen Funds Already Laundered
Out of the 499,000 ETH stolen in the $1.4 billion Bybit hack, approximately 343,000 ETH—equivalent to 68.7% of the stolen funds—has now been laundered. This marks a sharp increase from February 28, when only 54% of the stolen funds had been moved. EmberCN predicts that the remaining funds could be fully transferred within the next three days.
Laundering efforts had temporarily slowed following intervention by the U.S. Federal Bureau of Investigation (FBI), which called on crypto exchanges, node operators, and blockchain bridges to block transactions linked to the Bybit hackers. However, the Lazarus Group has resumed its activities, continuing to move substantial portions of the stolen funds.
Efforts to Track and Block Transactions
The FBI has identified 51 Ethereum addresses linked to the Bybit hackers, while blockchain analytics firm Elliptic has flagged over 11,000 crypto wallet addresses potentially associated with them. Crypto forensics company Chainalysis reported that the hackers have been converting portions of the stolen ETH into Bitcoin (BTC), Dai (DAI), and other assets through decentralized exchanges, cross-chain bridges, and instant swap services that lack Know Your Customer (KYC) protocols.
Among these services, the cross-chain asset swap protocol THORChain has come under heavy scrutiny for allegedly facilitating a significant portion of the Lazarus Group’s laundering activities. One of THORChain’s developers, known as “Pluto,” has since announced they will no longer contribute to the project after a vote to block transactions linked to the hackers was reverted. THORChain’s founder, John-Paul Thorbjornsen, has distanced himself from the situation, stating that he no longer has involvement with the protocol.
Largest Crypto Hack in History
The Bybit exploit stands as the largest hack in crypto history, surpassing the $650 million Ronin bridge hack from March 2022 by more than double. As law enforcement agencies and crypto firms attempt to contain the damage, the Lazarus Group continues to evade restrictions, raising concerns over the effectiveness of current countermeasures against illicit crypto activities.
