#Bybit CEO Claims 77 Percent of Stolen Funds Are Still Traceable
More than 77% of the funds stolen in the massive Bybit hack remain traceable, while 20% have gone dark, CEO #BenZhou said Tuesday on X.
He noted that this week is critical for freezing stolen assets before they are laundered through exchanges, over-the-counter (OTC) platforms, and peer-to-peer networks.
That said, security experts say that only a small portion of the assets could still be traced and frozen. Deddy Lavid, co-founder and CEO of blockchain security firm Cyvers, explained that mixers and cross-chain swaps complicate asset recovery, but tools like on-chain intelligence and AI-driven models could help track and freeze some funds.
Hackers stole 417,348 ETH (about $1 billion), moving the majority through privacy-focused THORChain. Roughly 79,655 ETH ($200 million) vanished after being funneled through ExCH, while 40,233 ETH ($100 million) passed through OKX’s Web3 proxy—with 23,553 ETH ($65 million) now untraceable.
The attackers converted 83% of the stolen ETH (361,255 ETH or $900 million) into BTC, distributing it across 6,954 wallets using THORChain, averaging 1.71 BTC per wallet. THORChain saw record activity, processing $4.66 billion in swaps last week, with $5.5 million in fees coming from these illicit flows.
Some stolen funds may still be recovered
Security firms like Cyvers are working on new measures to stop similar attacks. Offchain transaction validation, a technology that pre-simulates and validates transactions before execution, could prevent 99% of crypto hacks, according to Michael Pearl, VP of GTM strategy at Cyvers.
The hack was traced back to North Korea’s Lazarus Group, which compromised Bybit in late February. The group injected malicious code into SafeWallet, a third-party wallet used by the exchange. The breach allowed hackers to manipulate transactions and siphon off nearly $1.5 billion in ETH after compromising a developer’s device.
