Bybit seals ETH shortfall, CEO confirms new proof-of-reserves incoming
Bybit has officially sealed the $1.5 billion Ethereum gap left by one of the largest crypto heists in history. CEO Ben Zhou confirmed the recovery on X Monday morning, assuring users that a new proof-of-reserves (POR) report will be released soon.
“Bybit has already fully closed the ETH gap,” Zhou said. “New audited POR report will be published very soon to show that Bybit is again back to 100% 1:1 on client assets through Merkle tree. Stay tuned.” This means every dollar of customer assets is now fully backed, restoring balance after the attack.
Latest Update: Bybit has already fully closed the ETH gap, new audited POR report will be published very soon to show that Bybit is again Back to 100% 1:1 on client assets through merkle tree, Stay tuned. https://t.co/QLa1vOujM6
— Ben Zhou (@benbybit) February 24, 2025
Lazarus Group moves $140M in stolen Bybit funds
But while Bybit stabilizes, the hackers responsible for the theft are already laundering the stolen funds. Blockchain intelligence company Elliptic has tracked over $140 million in Ethereum moving across obscure transactions designed to erase digital footprints.
On-chain investigator ZachXBT was the first to pin the Bybit hack on Lazarus Group, North Korea’s notorious cybercrime unit. Elliptic confirmed that the hackers began laundering the funds merely minutes after the attack.
“Lazarus Group’s laundering process typically follows a characteristic pattern. The first step is to exchange any stolen tokens for a ‘native’ blockchain asset such as Ether. This is because tokens have issuers who in some cases can ‘freeze’ wallets containing stolen assets, whereas there is no central party who can freeze Ether or Bitcoin,” said Elliptic.
Stolen stETH and cmETH were immediately converted into ETH using decentralized exchanges (DEXs), eliminating the risk of centralized platforms blocking the transactions.
Once converted, the stolen ETH was split across 50 different wallets, each receiving roughly 10,000 ETH. From there, the hackers began emptying the wallets systematically. By February 23 at 10 PM UTC, 10% of the stolen funds—worth approximately $140 million—had already been moved.
The funds are now flowing through anonymous exchanges, cross-chain bridges, and other obfuscation methods.
eXch refuses to block Bybit hackers’ transactions
Elliptic has identified a major player in the laundering operation—a crypto exchange called eXch, which is notorious for allowing anonymous asset swaps, making it a popular choice for criminal organizations laundering millions in stolen crypto.
The investigators found that tens of millions of dollars in stolen Bybit assets have already been funneled through eXch. Despite Bybit’s direct requests to the exchange, eXch has pettily refused to intervene, allowing Lazarus Group to continue laundering the stolen funds.
eXch has publicly slammed Bybit, Zach, and even Cryptopolitan for reporting on Zach’s investigation about the shady exchange.
Meanwhile, Lazarus Group has been responsible for some of the largest crypto thefts in history, stealing over $6 billion since 2017. The group is believed to use stolen funds to finance the country’s ballistic missile program.
Elliptic said, “North Korea’s Lazarus Group is the most sophisticated and well-resourced launderer of cryptoassets in existence, continually adapting its techniques to evade identification and seizure of stolen assets.”
Cryptopolitan Academy: How to Write a Web3 Resume That Lands Interviews - FREE Cheat Sheet
Artículos Recomendados
