Blockchain analytics firm Elliptic has shared new insights into the Bybit hack, confirming that the attack was orchestrated by North Korea's Lazarus Group. According to their findings, there is a high likelihood that the stolen funds will be laundered through crypto mixers.
Lazarus Laundering Methods
Elliptic noted that the Lazarus Group often launders its stolen funds through numerous cryptocurrency networks. It follows a certain pattern, which starts by exchanging the stolen tokens for a 'native' blockchain asset such as Ether. This is because tokens have issuers who can freeze wallets containing stolen assets, whereas there is no central authority that can freeze Ether or Bitcoin.
Laundering of Stolen ETH Through Mixers and Wallets
Following the Bybit hack, hackers moved quickly to exchange tokens for ETH, commonly using decentralized exchanges to evade censorship on centralized platforms. The next phase, known as layering, complicates tracking. This phase often involves crypto mixers like Tornado Cash and sending funds through large numbers of crypto wallets.
eXch as a Possible Culprit
Elliptic and other analysts identified eXch as one of the platforms possibly used to launder the stolen funds. The platform allegedly refused to cooperate with requests to block illegal transactions. However, eXch's team denied these claims, stating their funds were secure and unaffected by the Bybit hack.
Elliptic highlighted that the Lazarus Group is one of the most sophisticated and well-resourced crypto asset launderers in existence, constantly adapting its techniques to evade identification and seizure of stolen assets. Some experts call for greater cooperation among platforms to freeze stolen funds and make crypto hacks less profitable.