Bybit will never again recover its stolen $1.4 billion. In a record time of just ten days, those responsible for the biggest cryptocurrency theft in history managed to launder the entire 499,000 ETH stolen from the exchange platform. Despite active surveillance by blockchain analysis companies, law enforcement and exchange platforms, the hacker effectively exploited decentralized finance (DeFi) protocols to make these assets, estimated at $1.4 billion, disappear.
Table of Contents
Bybit hack leads to full money laundering in record time
The laundering process began immediately after the attack on February 21. The analysis platforms that tracked the movement of funds revealed that the hacker had already laundered over 89,000 ETH (around $224 million) within the first 60 hours. The attacker maintained a steady pace, converting an average of 45,000 ETH daily during the first few days.
The laundering continued methodically with a further 45,900 ETH ($113 million) the following day, then 71,000 ETH ($170 million) on February 27. After a slight pause on March 1, when only 14,300 ETH were processed, the activity picked up again, reaching its final objective on Tuesday March 4: all the stolen funds had disappeared from the traditional radar.
THORChain proved to be the main tool used by the hacker. According to Ben Zhou, CEO of Bybit, more than 361,000 ETH (over $900 million) have been exchanged via this cross-chain liquidity protocol.
Divergent analyses and hopes of recovery
The information provided by Bybit reports differ slightly from of EmberCN. Ben Zhou reported that around 83% of the stolen funds (worth around $1 billion) were converted into Bitcoin and then distributed across nearly 7,000 different wallets to disguise their origin.
Of the remaining amount, Zhou claims that 20% of the funds are now untraceable, while 3% have been frozen by various platforms. A significant portion of the untraceable assets (approx. 79,655 ETH) is believed to have been laundered via the exchange platform eXch, while 40,233 ETH passed through the web3 wallet of OKX.
FBI investigators have linked this attack to the infamous Lazarus Group from North Korea, known for its sophisticated hacking operations targeting the financial sector.
Despite the scale of the disaster, blockchain security experts maintain that some of the funds could still be recovered thanks to advanced tracing techniques on the blockchain.
As a journalist at Coinpri, I’ve been captivated by the world of bitcoin and blockchain since 2020. The decentralized aspect of Bitcoin particularly piqued my interest. Since then, I’ve been working constantly to spread my knowledge, hoping one day to see a world where everyone fully enjoys their financial freedom.
