Key Takeaways
- Bybit lost $1.4 billion in the largest Bitcoin-related theft.
- The hacker laundered 100% of the funds using THORChain.
- Bybit CEO confirmed 77% of the funds remain traceable.
On Feb. 21, Bybit suffered the largest Bitcoin-related theft in history, losing over $1.4 billion in liquid-staked Ether (stETH), Mantle Staked ETH (mETH), and other ERC-20 tokens.
The hacker moved all 500,000 stolen Ether (ETH), now worth $1.04 billion, primarily using the decentralized cross-chain protocol THORChain, according to blockchain security firm Lookonchain.
North Korea’s Lazarus Group linked to attack
Multiple blockchain analytics firms, including Arkham Intelligence, have identified North Korea’s Lazarus Group as the main perpetrator of the attack.
This follows South Korean sanctions against 15 North Koreans for allegedly using cyber theft to fund the country’s nuclear weapons program.
Some stolen funds may still be recovered
Despite laundering attempts, Bybit CEO Ben Zhou confirmed on March 4 that 77% of the funds remain traceable, though over $280 million has become untraceable.
About 3% of the funds have been frozen.
Cybersecurity firms, including Cyvers, are working on recovery efforts.
Co-founder Deddy Lavid noted that while mixers and cross-chain swaps complicate recovery, AI-driven models and collaboration with exchanges may help trace and freeze assets.
Bybit replaced the stolen $1.4 billion within three days and continues to process customer withdrawals.
