#BYBIT HACKERS LAUNDERED 18% OF STOLEN ETH: DETAILS...
- Hackers behind the Bybit exchange breach have already laundered 89,500 ETH ($224M) in just 2.5 days, according to on-chain analyst #EmberCN.
- This represents 18% of the total 499,000 ETH stolen. The attack is now one of the largest crypto heists in history, with evidence pointing to North Korea-linked cybercriminals.
HOW THE BYBIT HACK UNFOLDED
Initial Compromise via Social Engineering:
- Hackers phished Bybit’s cold wallet signers, tricking them into approving malicious transactions.
- This allowed attackers to replace Bybit’s multi-signature wallet implementation contract with a fraudulent one.
Unauthorized Transfers:
- The attackers intercepted a routine transfer from Bybit’s cold wallet to its hot wallet.
- They managed to reroute 401,000 ETH (~$1.5 billion at the time) to their own addresses.
Asset Dispersion via Intermediary Wallets:
- The stolen #ETH was moved through multiple wallets to obscure its origins.
- Blockchain analysts flagged suspicious transactions consolidating with funds from other North Korea-linked attacks.
Conversion and Laundering Tactics:
- The hackers used THORChain for cross-chain transactions. They converted stolen #ETH into #BTC and DAI using decentralized exchanges (DEXs) and no-KYC swap services.
Strategic Laundering & Dormant Funds:
- A large portion of the stolen funds remains idle across different addresses.
- This is a common North Korean tactic—they wait for heightened scrutiny to subside before moving more assets.
According to crypto crime reports, North Korean hackers stole:
- $660.5M across 20 incidents in 2023.
- $1.34B across 47 attacks in 2024 (a 102.88% increase).
- The Bybit exploit alone exceeded North Korea’s total crypto theft for all of 2024.
- Authorities and blockchain analysts are tracking the remaining 410,000 ETH, which the hackers may launder in the next 15 days. Efforts to freeze or recover stolen funds are underway.
Images: Bybit X platform and created by BSCN using AI