The notorious North Korean hacking group Lazarus has successfully laundered all 499,000 ETH (worth $1.39 billion) stolen from crypto exchange Bybit, completing the operation in just 10 days according to blockchain analytics firm EmberCN.
During the laundering process, Ethereum's price experienced a sharp 23% decline, dropping from $2,780 to $2,130 as the stolen funds moved through various mixers and exchanges.
THORChain emerged as the primary laundering platform, processing $5.9 billion in transactions and collecting $5.5 million in fees. This marks the largest single crypto laundering operation in history.
Despite Bybit's aggressive countermeasures, including a bounty program offering up to $140 million in rewards for information leading to fund recovery, the stolen assets are now scattered across the blockchain and virtually impossible to retrieve.
The initial breach occurred on February 21 when Lazarus compromised SafeWallet, Bybit's transaction management software. The hackers modified JavaScript code hosted on AWS infrastructure to redirect a planned transfer between wallets.
Ben Zhou, Bybit's CEO, has pledged to continue fighting crypto theft through a new "HackBounty platform" initiative. The exchange has already paid out over $4 million to individuals who helped trace transactions connected to the theft.
The incident has sparked debate within the cryptocurrency community about balancing decentralization with security measures. While some platforms like Chainflip implemented protective measures against illicit activities, others such as THORChain faced internal disagreements about restricting transactions.
This successful laundering operation highlights ongoing challenges in cryptocurrency security and raises questions about the effectiveness of current anti-theft measures in the digital asset space.