Efforts to locate the stolen $1.5 billion in Ethereum from Bybit encounter numerous challenges. Hackers employ diverse and effective strategies to obscure their tracks.
Hackers' Strategy
According to Joao Wedson, founder of cryptocurrency analytics firm Alphractal, the hacker has dispersed the funds across multiple addresses and platforms, complicating recovery efforts. The funds were transferred through various decentralized exchanges and financial platforms including OKX (Dex Router), Uniswap, Pendle Finance, Kilnfi (staking), and DLN Trade. Additionally, some funds were sent to centralized exchanges like KuCoin and less regulated platforms like Exchcx. This strategy follows a classic money laundering scheme by splitting funds into smaller transactions and spreading them across different platforms to obscure the tracks.
Tracking Difficulties
Wedson noted that patterns of movement point to the use of automation and crypto mixers, further complicating monitoring efforts. Some wallets initially holding 400 ETH expanded to 1,500 ETH and eventually reached 13,000 ETH before being fragmented again. At least 60,000 ETH remain intact, raising questions about the hacker's next move.
Likelihood of Recovery
Wedson believes the likelihood of recovering the stolen Ethereum is becoming increasingly slim. While exchanges and blockchain analytics firms attempt to block and track certain transactions, decentralized platforms and privacy-focused tools offer effective cover for cybercriminals. If darknet markets are involved, tracing the funds will become nearly impossible.
The probability of retrieving the stolen funds appears low. Complex laundering schemes and the use of privacy-focused platforms highlight the difficulty in recovering them.
