Lazarus’ Crypto Heist: Bybit CEO Says 89% Can Still Be Tracked
Source: Bitcoinist
The Bybit hack on February 21st has been described as the biggest crypto breach in history. According to the authorities’ final analysis, the popular crypto exchange lost over $1.4 billion in digital assets, primarily Ether.
Hours after the successful hacking, it was also revealed that North Korea’s Lazarus Group was the one who pulled off the heist. Multiple reports also disclosed that the crypto exchange ignored some security flaws months before the incident, allowing the group to compromise the cold wallet.
In the latest twist to the hacking saga, Bybit’s Ben Zhou has shared that around 88.87% of the stolen funds are still traceable. Zhou shared these latest developments through his Twitter/X account, stating that 3.54% of the funds are frozen, and 7.59% of the stolen funds have seeped into the dark web and are no longer traceable.
3.20.25 Executive Summary on Hacked Funds:
Hacker started to use mixers: 1. Wasbi 2. CryptoMixer 3. Railgun 4. TornadoCash
Total hacked funds of USD 1.4bn around 500k ETH. 88.87% remain traceable, 7.59% have gone dark, 3.54% have been frozen.
Breakdown: – 86.29% (440,091 ETH,…— Ben Zhou (@benbybit) March 20, 2025
Lazarus Group Used Mixers To Hide Funds
In a Twitter/X post on March 20th, Zhou shared the results of the company’s internal investigations into the hacking incident. According to Zhou, the hackers used several Bitcoin mixers, including CryptoMixer, Railgun, Wasabi, and TornadoCash. Of the $1.4 billion in stolen funds, around 88.87% are still traceable, 7.59% are now lost, and some 3.54% are still frozen.
Zhou offered a breakdown of the status of the stolen funds. Zhou shared that 82.29% or 440,091 Ether worth around $1.23 billion have been converted into 12,835 Bitcoins distributed to 9,117 crypto wallets.
Zhou Asks For Help In Tracing Missing Funds
In the same Twitter/X post, Zhou shared that around 193 Bitcoins were transferred to the Wasabi Mixer. After transferring these funds to the mixer, Zhou noted that the stolen funds were transferred to different P2P vendors.
Zhou believes the trend will continue as more stolen funds enter the mixers. The Bybit CEO admits that using decoding mixer transactions is the company’s primary challenge. Zhou acknowledges these challenges and is now asking the general public for help.
In the past month, the exchange has received 5,012 bounty reports, and 63 of these reports were valid. Zhou reiterated that they seek more bounty hunters to solve the hacking problem.
Image depicting hackers in action. Source: Gemini Imagen.
Bybit Admitted The Presence Of Risks But Ignored These
In an interview, the Bybit CEO admitted they received warnings about the platform’s security flaws months before the breach. He added that they noticed that their Safe was no longer compatible with the exchange’s security framework about three or four months before the hack.
Zhou admitted they could have replaced the Safe, and they’re looking at this option now. Safe’s chief product officer, Rahul Rumalla, defended the product and the company, sharing that additional security features have been added. Rumalla said that their job was not just to address the problem but to ensure that the same breach would never happen again.
Featured image from Vox, chart from TradingView
Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
