Bybit Hacker Launders $1.04B of Stolen Funds Through THORChain, Some Assets May Still Be Recoverable

Bybit Hacker Launders $1.04B in Stolen ETH Through THORChain, Marking Largest Crypto Theft in History

  • Bybit Hacker has laundered 100% of the $1.04 billion in stolen ETH through THORChain, marking the largest crypto theft in history.
  • Despite the laundering, approximately 77% of the stolen funds remain traceable while 3% have been frozen, according to Bybit’s CEO.
  • Blockchain security experts suggest some funds may still be recoverable through on-chain intelligence and collaboration with exchanges and regulators.

The attacker behind the $1.4 billion Bybit hack has successfully laundered all 499,395 ETH (worth approximately $1.04 billion) stolen during the February breach, primarily using the decentralized crosschain protocol THORChain. This represents the complete laundering of funds from what is now considered the largest cryptocurrency theft in history.

- Advertisement -

According to blockchain security firm Lookonchain, the laundering operation was completed as of March 4, with the hacker methodically moving the substantial ETH holdings through various channels to obscure their origin. "The #Bybit hacker has laundered all the stolen 499,395 $ETH($1.04B currently), mainly through #THORChain," Lookonchain reported in a post on X.

The February 21 breach involved the theft of over $1.4 billion in various tokens, including liquid-staked Ether (STETH), Mantle Staked ETH (mETH), and other ERC-20 tokens. Multiple blockchain analytics firms, including Arkham Intelligence, have attributed the attack to North Korea‘s Lazarus Group, a notorious Hacking collective known for targeting cryptocurrency platforms.

This laundering operation comes just two months after South Korean authorities imposed sanctions on 15 North Koreans allegedly involved in raising funds for North Korea‘s nuclear weapons program through cryptocurrency theft and cyber attacks.

Despite the comprehensive laundering effort, security experts maintain that recovery possibilities still exist. Deddy Lavid, co-founder and CEO of blockchain security firm Cyvers, offered a cautiously optimistic assessment: "While laundering through mixers and cross-chain swaps complicates recovery, Cybersecurity firms leveraging on-chain intelligence, AI-driven models, and collaboration with exchanges and regulators still have small opportunities to trace and potentially freeze assets."

Lavid emphasized that timing is crucial in such recovery efforts, adding, "Rapid response is key once funds are deeply obfuscated, recovery becomes significantly harder. The main stolen fund prevention is mainly before or during the hack."

On March 4, Bybit CEO Ben Zhou provided an update on the situation, confirming that approximately 77% of the stolen funds remain traceable, while over $280 million "has gone dark." Zhou noted that 3% of the stolen funds have been successfully frozen.

- Advertisement -

In a demonstration of financial resilience, Bybit honored all customer withdrawals following the attack and had fully replaced the stolen $1.4 billion in Ether by February 24, just three days after the security breach.

Security firms like Cyvers are working to develop preventative measures against similar attacks in the future. Michael Pearl, vice president of GTM strategy at Cyvers, told Cointelegraph about an emerging solution called offchain transaction validation, which could potentially prevent 99% of crypto hacks and scams by simulating and validating blockchain transactions in an offchain environment before execution.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -

Latest News

BPX Gains FCA Nod to Trade Tokenized Securities in the UK

BPX, a startup focused on trading tokenized securities, received several authorizations from the UK’s...

Shopify, Coinbase Launch USDC Payments; Mastercard Expands Crypto Access

Shopify and Coinbase allow merchants to accept USDC stablecoin payments, making crypto transactions easier...

Coinbase Launches Wrapped ADA and LTC on Base, COIN Hits New High

Coinbase has introduced wrapped versions of Cardano (ADA) and Litecoin (LTC) on its Ethereum...

ClickFix Attacks Surge 517% in 2025, Fake CAPTCHAs Spread Malware

ClickFix attacks using fake CAPTCHA verifications have risen by 517% in early 2025, according...

FHFA Orders Fannie, Freddie to Consider Crypto as Mortgage Collateral

The U.S. Federal Housing Finance Agency ordered Fannie Mae and Freddie Mac to consider...

Must Read

9 Best Trading Platforms for Crypto Beginners

Many newcomers to the crypto space are looking for platforms to buy, sell and exchange cryptocurrencies. While there are hundreds of crypto exchanges around...