- North Korean Hackers have laundered 68.7% ($138 million worth) of ETH stolen from the $1.4 billion Bybit breach, with remaining funds expected to move within days.
- Law enforcement agencies have identified and flagged thousands of wallet addresses associated with the hackers, as the FBI calls for industry-wide cooperation.
- Controversy surrounds THORChain after developers clashed over whether to block transactions linked to the North Korean hackers.
North Korean hackers continue to move stolen funds from February’s massive Bybit breach, laundering an additional 62,200 Ether ($138 million) on March 1. According to crypto analyst EmberCN, the Lazarus Group has now processed 343,000 ETH—representing 68.7% of the total 499,000 ETH stolen in what stands as crypto’s largest-ever exploit.
The notorious Hacking group, linked to the North Korean government, has approximately 156,500 ETH (worth around $346 million) still to launder. EmberCN said on social platform X that the remaining funds could be moved within the next three days, marking a significant acceleration from previous laundering activities.
The percentage of laundered funds has jumped substantially from 54% reported on February 28. Earlier, EmberCN had noted that laundering operations temporarily slowed following intervention from the FBI, which called on cryptocurrency industry participants to block transactions connected to the hackers.
Law enforcement and blockchain intelligence firms have coordinated efforts to track the stolen assets. The FBI has shared 51 Ethereum addresses linked to the Bybit hackers, while analytics firm Elliptic has identified over 11,000 potentially connected wallet addresses.
According to Chainalysis, the hackers have utilized a range of decentralized services to convert the stolen Ether into Bitcoin, DAI stablecoin, and various other cryptocurrencies. Their methods include decentralized exchanges, cross-chain bridges, and KYC-free instant swap services—all chosen to obscure the money trail.
The cross-chain swap protocol THORChain has faced significant criticism for enabling transactions by the North Korean hackers. One developer known as “Pluto” reportedly ceased contributing to the protocol after a vote to block Hacker-linked transactions was reversed.
In response to the controversy, THORChain founder John-Paul Thorbjornsen clarified that he is no longer involved with the protocol. He also noted that none of the sanctioned wallet addresses listed by U.S. authorities have directly interacted with THORChain.
The February 21 Bybit hack, totaling $1.4 billion in losses, dwarfs previous crypto security incidents—including the $650 million Ronin bridge hack from March 2022, which was also attributed to North Korean hackers.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Custodia Bank CEO: US Government Has “Done Nothing” on Crypto Banking Issues Since Trump’s Return
- Ethereum Foundation Names Hsiao-Wei Wang and Tomasz Stańczak as New Co-Executive Directors
- Ethereum Foundation Appoints New Co-Directors to Lead Ecosystem Transition
- UT Austin Researchers Develop Biomass Technology That Produces Four Gallons of Clean Water Daily From Air
- U.S. Spot Bitcoin ETFs See $94.3 Million Inflow After Eight-Day Outflow Streak