BYBIT CEO has called for more fishermen to help track stolen encryption, nearly 28 % of $ 1.4 billion that Lazaros Group looted in North Korea.
During the summary of the summary of the money that was hacked in a post on April 21, the co -founder and CEO Ben Chu said that about $ 386 million of the hacked money had “become dark” after it was transferred through mixers and bridges towards many platforms of peers and insights.
4.21.25 Executive Summary of the Funds that have been hacked: the total hacker amounting to $ 1.4 billion around ETH 500K. 68.57 % remains a track, 27.59 % remained dark, 3.84 % was frozen. The money that cannot be tracked in the first place flowed into mixers and then via bridges to P2P and OTC platforms. Recently, we have
For those who are not aware, encryption mixers are services that hide the origin of digital assets by mixing money from several users and redistributing them to new addresses.
This process breaks the link on the series between the sender and the future, which makes the tracking more difficult.
Crackle mixers were created primarily as a tool to improve privacy, but they are widely exploited Washing stolen money.
According to Zhou, the attackers drained about 500,000 ETH in February by controlling a cold wallet.
Nearly 68.6 % of the stolen money is still tracked, while recovery efforts have been frozen so far at a little less than 4 %, a relatively small part, about $ 54 million.
The stolen eth was first transferred to Bitcoin via Thorchain, with 432,748 ETH (about $ 1.21 billion).
From this, 342,975 ETH, at a value of approximately $ 960 million, was transferred to 10,003 BTC and divided into approximately 36,000 wallets.
Another 5991 ETH, or about $ 17 million, remains on ETHEREUM, dispersed across 12,000 wallets.
On the side of Bitcoin, Zhou revealed that 944 BTC (about 90 million dollars) passed by a warbi mixer, with smaller amounts and then other services, such as Cryptomixer, Tornado Cash and Railgun.
The bad actors also benefited from the crosses of the crossed chain using platforms such as Exch, Lombard, LiFi, Stargate and Sunswap before eventually liquidating the slopes.
To track these movements, Bybit launched the Lazarus Bounty program in February, offering $ 140 million of rewards to anyone who can help in the recovery process.
So far, 70 of more than 5400 reports have been validated. The largest part of the $ 2.3 million of paid bonuses has gone to the Mantle Layer-2, which helped to freeze the stolen Crypto with a value of $ 42 million.
“We need more bonus fishermen who can decipher the mixers,” Zhu said, noting the increasing complexity of tracing these funds while wearing them via multiple chains.
Date of penetration bybit
Beit in February 2025 became the largest security incident in the encryption industry since its inception.
Lazarus has been welcomed by the state of the state’s piracy in North Korea as the main suspect behind the breach.
On February 21, the attackers were said to take advantage of the BYBIT port from Ethereum Multisig Cold while moving a routine to the warm stock exchange by processing the signature interface.
Although the correct wallet title was presented at the end of bybit, the basic smart contract logic has been changed to rehabilitation funds for the infiltrators.
separate a report Mandriant, which was released in March, claimed that the breach may have started an investment project in fake stocks with harmful programs.
It was claimed that malware has been downloaded on a Mac laptop belonging to a developer in Safe {Wallet}, which is an infrastructure with a built -in third party with bybit.
