cointelegraph

Bybit hacker launders 100% of stolen $1.4B crypto in 10 days

The Bybit exploiter has laundered 100% of the stolen funds after staging the biggest hack in crypto history, but some of the funds may still be recoverable by blockchain security experts.

On Feb. 21, Bybit was hacked for over $1.4 billion worth of liquid-staked Ether (stETH), Mantle Staked ETH (mETH) and other ERC-20 tokens, resulting in the largest crypto theft in history.

The hacker has since moved all 500,000 stolen Ether (ETH), now valued at approximately $1.04 billion, primarily through the decentralized crosschain protocol THORChain, blockchain security firm Lookonchain reported in a March 4 post on X:

“The #Bybit hacker has laundered all the stolen 499,395 $ETH($1.04B currently), mainly through #THORChain.”


Source: Lookonchain 

North Korea’s Lazarus Group has converted the stolen proceeds despite being identified as the main culprit behind the attack by multiple blockchain analytics firms, including Arkham Intelligence. 

The news comes over two months after South Korean authorities sanctioned 15 North Koreans for allegedly generating funds for North Korea’s nuclear weapons development program through cryptocurrency heists and cyber theft.

Still, blockchain security experts are hopeful that a small portion of these funds can be frozen and recovered by Bybit.


Some of Bybit’s stolen funds may be recoverable

Some of the laundered funds may still be traceable despite the asset swaps, according to Deddy Lavid, co-founder and CEO of blockchain security firm Cyvers:

“While laundering through mixers and cross-chain swaps complicates recovery, cybersecurity firms leveraging on-chain intelligence, AI-driven models, and collaboration with exchanges and regulators still have small opportunities to trace and potentially freeze assets.”

“Rapid response is key; once funds are deeply obfuscated, recovery becomes significantly harder. The main stolen fund prevention is mainly before or during the hack,” he added.

On March 4, Bybit CEO Ben Zhou confirmed that approximately 77% of the funds were traceable, but over $280 million of the stolen funds “has gone dark,” while 3% of the funds have been frozen.

Bybit has continued to honor customer withdrawals and had fully replaced the stolen $1.4 billion in Ether by Feb. 24, just three days after the attack.


Crypto security firms like Cyvers are working on pre-emptive measures to combat future attacks.

An emerging solution, known as offchain transaction validation, could prevent 99% of all crypto hacks and scams by preemptively simulating and validating blockchain transactions in an offchain environment, Michael Pearl, vice president of GTM strategy at Cyvers, told Cointelegraph.
