In what is now being called the largest cryptocurrency heist to date, North Korean state-backed hackers have stolen over $1.4 billion from the Bybit exchange. The attack, which took place on Friday, has sent shockwaves through the crypto industry as investigators trace how the Lazarus Group, an infamous hacking syndicate tied to Pyongyang, is laundering the stolen digital assets.
The Heist: How Lazarus Pulled It Off
The breach occurred during an attempted transfer of Ethereum tokens from Bybit’s cold wallet (an offline storage meant for security) to a hot wallet (an online wallet used for transactions). During this transfer, an intermediary exploited the system, successfully siphoning 401,000 ETH in a single hit.
According to blockchain analytics firm TRM Labs, there is “high confidence” that Lazarus Group was behind the attack, as their crypto wallet addresses match those used in previous North Korean cyber heists. Investigative researcher ZachXBT and analysts from blockchain security firm Elliptic confirmed similar findings.
Elliptic traced the funds, showing how the stolen Ethereum was immediately converted into Ether—a crucial move, since Ethereum-based tokens can be frozen by their issuers, while Ether itself cannot. Within minutes, hundreds of millions in stolen ETH were swapped and dispersed.
Laundering the Loot: The Lazarus Playbook
Lazarus Group follows a highly sophisticated and well-practiced laundering strategy to obscure stolen funds:
Breaking Down the Stash: The stolen Ethereum was split across 50 different wallets, each receiving about 10,000 ETH (~$26.66 million per wallet).
Draining Systematically: These wallets were methodically emptied, ensuring a gradual outflow that is harder to track.
Cross-Chain Laundering: The hackers are using decentralized exchanges (DEXs), cross-chain bridges, and centralized exchanges to further muddy the money trail.
Leveraging KYC-Free Exchanges: They funneled over $75 million through eXch, a cryptocurrency exchange that does not require identity verification (Know Your Customer, KYC).
Elliptic and ZachXBT flagged eXch for its role in enabling money laundering, but Bybit’s attempt to get the exchange to freeze stolen assets was initially met with resistance.
eXch’s Refusal to Cooperate
Bybit CEO Ben Zhou publicly urged eXch to block the outflow of stolen funds, but eXch pushed back, citing Bybit’s past criticism of their platform. In response, an eXch administrator stated that they eventually blacklisted the hacker’s addresses after receiving further clarification.
Despite these claims, Elliptic’s co-founder Tom Robinson reported that as of Monday, stolen funds were still actively being laundered through eXch. The true amount funneled through the exchange may exceed the reported $75 million.
Bybit’s Damage Control
To reassure users, Bybit swiftly took several steps:
- Liquidity Assurance: Zhou announced via livestream that the exchange had enough liquidity to cover withdrawals and was securing loans to cover the losses.
- Mass Withdrawals: Over 580,000 withdrawals have been processed since Friday, moving $4 billion worth of cryptocurrency off the platform.
- Bounty Offer: Bybit is offering a 10% reward to researchers who help recover the stolen funds.
- Partial Recovery: Bybit managed to reclaim $42.9 million through partner cooperation.
However, the hack has triggered fears of industry-wide ripple effects, with the crypto-focused bank Infini losing $49.4 million in USDC under similar circumstances on Sunday night.
The Bigger Issue: North Korea’s Crypto Warfare
This attack is not an isolated event. Lazarus Group has stolen over $3 billion in crypto over the past few years, funding North Korea’s nuclear and cyber warfare programs. Their techniques are growing more sophisticated, exploiting security gaps in both crypto platforms and regulatory loopholes.
The refusal of platforms like eXch to enforce KYC policies or cooperate raises serious questions about the security of the crypto ecosystem. Until the industry prioritizes security over unchecked growth, Lazarus and other state-backed hackers will continue their attacks—and their war chests will keep growing.
This is bigger than Bybit. This is about how the crypto industry handles security, hacking threats, and rogue states weaponizing digital currency. And right now, it looks like North Korea is winning.
Help us bring real change! Corporate lobbying has corrupted our system for too long, and it’s time to take action. Please sign and share this petition—your support is crucial in restoring accountability to our government. Every signature counts! Thank you!
https://www.ipetitions.com/petition/restore-our-republic-end-lobbying
Support truth, health, and preparedness by shopping the Alex Jones Store through our link. Every purchase helps sustain independent voices and earns us a 10% share to fuel our mission. Shop now and make a difference!
https://thealexjonesstore.com?sca_ref=7730615.EU54Mw6oyLATer7a
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
Scary stuff.
Almost makes one want to go back to the Bank of Mattress 😉
It definitely is, and I agree!