Bybit Stolen Funds May Hit Crypto Mixers Next

Blockchain analytics firm Elliptic shared a key insight into the Bybit hack.

The firm predicts that the hackers, now identified as the notorious Lazarus Group, are likely to launder the stolen funds using crypto mixers.

Lazarus Launders in Different Ways

Elliptic, in a post, noted that the aftermath of the Bybit hack could follow a similar pattern to previous hacks. The firm has already identified North Korea’s Lazarus Group as the culprit behind Friday’s attack.

Elliptic noted that Lazarus often laundered its stolen funds via thousands of crypto networks. Offering insights into the group’s laundering pattern, Elliptic wrote, “Lazarus Group’s laundering process typically follows a characteristic pattern. The first step is to exchange any stolen tokens for a ‘native’ blockchain asset such as Ether. This is because tokens have issuers who, in some cases, can ‘freeze’ wallets containing stolen assets, whereas there is no central party who can freeze Ether or Bitcoin.”

Lazarus Hackers Launder Stolen ETH Through Mixers and Wallets

Interestingly, following the Bybit hack, hackers quickly moved to exchange tokens for ETH. As expected, the group often relies on decentralized exchanges for these transactions, avoiding possible censorship on centralized platforms.

Additionally, Elliptic, in its blog post, noted that Lazarus is currently in the next phase of its laundering process. This phase involves layering the stolen funds to prevent any tracking. Although the transparent nature of blockchain technology makes it easy to track transactions, layering complicates the process.

Furthermore, likely layering methods include using crypto mixers like Tornado Cash and sending funds through large numbers of crypto wallets. Elliptic identified that Lazarus used around 50 wallets, each containing around 10,000 ETH, to push the funds.

Elliptic Names eXch as a Possible Culprit

Interestingly, Elliptic and other analysts named eXch as one of the platforms most likely used to launder stolen crypto. The platform has reportedly refused to cooperate with requests to block these illegal transactions.

However, eXch’s team quickly dismissed claims of its cooperation with hackers. The platform’s team denied laundering for the Lazarus Group, adding that its funds were safe and unaffected by the Bybit hack.

The team said on the BitcoinTalk Forum, “The insignificant portion of funds from the Bybit hack eventually entered our address 0xf1da173228fcf015f43f3ea15abbb51f0d8f1123 which was an isolated case and the only part processed by our exchange, fees from which we will be donated for the public good. There are no other addresses on the Ethereum blockchain, aside from deposit addresses that interact with this address, that are associated with our exchange.”

eXch’s response on BitcoinTalk Forum

Interestingly, Lazarus has successfully laundered millions from its hacks using crypto platforms. Elliptic described the group as “the most sophisticated and well-resourced launderer of crypto assets in existence, continually adapting its techniques to evade identification and seizure of stolen assets.”

In addition, some crypto experts have called for cooperation among crypto platforms to help freeze stolen funds and make crypto hacks less profitable.

Copyright Altcoin Buzz Pte Ltd.