Bybit Hackers Launder $113 Million in a Day

Hackers who breached the Bybit exchange laundered 45,900 ETH (~$113 million) in a single day, according to analysts at EmberCN. 

Bybit 黑客在过去 24 小时洗走了 4.59 万枚 ETH ($1.13 亿)。目前他们一共已经洗走了 13.5 万枚 ETH ($3.35 亿)，接近三分之一了。

现在 Bybit 黑客地址里还有 36.39 万枚 ETH ($9 亿)。以目前的频率只需要再有 8~10 天就洗完了。

本文由 #Bitget｜@Bitget_zh 赞助 https://t.co/nNwpWP0uEE pic.twitter.com/tpIi3LD7FU

— 余烬 (@EmberCN) February 26, 2025

The hackers’ address still holds 363,900 ETH (~$900 million). If they maintain their current pace, they could offload the remaining assets within 8-10 days.

The total laundered funds have reached 135,000 ETH (~$335 million).

Researchers at Beosin reported that the Bybit hacker has begun using the Maya Protocol to transfer the stolen assets.

Beosin Trace has tracked that the @Bybit_Official hacker has started using a new cross-chain bridge platform, Maya Protocol, to transfer assets. https://t.co/LAcjV4yfaS pic.twitter.com/KZx79pEvbj

— Beosin ? Web3 Security & Compliance (@Beosin_com) February 26, 2025

Bybit CEO Ben Zhou announced the launch of a site to track the activities of the North Korean hacker group Lazarus Group, which Arkham Intelligence experts linked to the platform breach. He described the initiative as a “bounty hunt.”

Join us on war against Lazarus — https://t.co/6DnaH1WTId
Industry first bounty site that shows aggregated full transparency on the sanctioned Lazarus money laundering activities. V1 includes:
— Becoming a bounty hunter by connecting your wallet and help tracing the fund, when…

— Ben Zhou (@benbybit) February 25, 2025

The site compiles information on laundering schemes and offers mechanisms to combat the perpetrators.

Users can connect their wallets and join the search for illicit funds. Successful asset freezes result in automatic rewards. 

“Freezers” receive 5% of each bounty. The platform also features rankings of reputable participants in the crypto industry.

Future plans include adding tools for regulators and tracking balances on “live” Lazarus wallets. The platform promises to continue until the hackers’ activities and those of their partners are fully stopped.

On February 25, EmberCN reported that the perpetrators had laundered 18% of the total stolen funds. On the same day, the exchange returned a loan of 40,000 ETH to Bitget.

Previously, cypherpunk Adam Back cited “flawed EVM design” as the cause of the incident.