The Lazarus Group, a North Korean hacking collective believed to be behind the February 21st Bybit hack, has resumed its laundering activities, moving another 62,200 Ether amidst efforts from US authorities to block transactions linked to the exploiters. This latest move brings the total amount of Ether laundered by the group to $138 million.
According to X user EmberCN, approximately 343,000 Ether out of the 499,000 stolen during the Bybit hack has been moved so far, equating to around 68.7% of the total stolen funds. This represents a significant increase from the 54% figure on February 28th. The remaining funds are expected to be cleared in the next three days.
The FBI has shared 51 Ethereum addresses operated by or linked to the Bybit hackers, while blockchain analytics firm Elliptic has flagged over 11,000 crypto wallet addresses possibly linked to them. Crypto forensics firm Chainalysis has also reported that the hackers have converted portions of the stolen Ether into Bitcoin and other assets through decentralized exchanges and crosschain bridges.
One of the protocols used by the hackers includes THORChain, a crosschain asset swap protocol. The developers behind this protocol have received heavy criticism for facilitating significant transfers made by North Korean hackers. One of the developers, known as "Pluto," has stated that they will no longer contribute to the protocol after a vote to block North Korean hacker-linked transactions was reverted.
The $1.4 billion Bybit hack on February 21st remains one of the largest exploits in the crypto industry, with losses exceeding those from the $650 million Ronin bridge hack on March 23, 2022.
The FBI has shared 51 Ethereum addresses operated by or linked to the Bybit hackers, while blockchain analytics firm Elliptic has flagged over 11,000 crypto wallet addresses possibly linked to them. Crypto forensics firm Chainalysis said the hackers had converted portions of the stolen Ether into Bitcoin (BTC), the Dai (DAI) stablecoin and other assets through decentralized exchanges, crosschain bridges and instant swap services without Know Your Customer protocols.
The remaining funds amounting to $346 million are still up for grabs. The Bybit hacker still has another $346 million of Ether left to launder, should they choose to do so.