The hackers who breached the ByBit cryptocurrency exchange effectively laundered the stolen 499,000 ETH ($1.39 billion) in just 10 days, utilizing THORChain as the primary conduit.
Sophisticated Laundering Techniques
Hackers reportedly used mixing techniques, instant swap services, and decentralized platforms without KYC requirements. THORChain processed $5.9 billion in transaction volume, earning $5.5 million in fees.
FBI Confirms North Korean Involvement
The FBI officially linked the hack to North Korea, stating in a February 26, 2025 announcement that TraderTraitor cyber actors were responsible. The attackers converted funds into Bitcoin and other cryptocurrencies, dispersing them across thousands of addresses. The FBI calls for blocking transactions tied to these assets.
How the Hack Happened
Bybit confirmed the hack occurred during a routine Ethereum transfer from a 'cold' wallet to a 'warm' wallet. The attacker exploited a vulnerability, gaining access to the funds. Despite the breach, ByBit CEO Ben Zhou assured user asset safety and full coverage of losses through the company's resources.
ByBit continues its efforts to recover the stolen funds, enlisting cybersecurity experts and blockchain analysts to aid in this process.
