**Title: Major Crypto Heist: $480M in Stolen ETH Laundered Through ThorChain, Turning into Bitcoin via DeFi Tools**
In a significant development, hackers have successfully laundered $480 million in stolen Ethereum (ETH) using ThorChain, converting their assets into Bitcoin (BTC) through decentralized cross-chain transactions. The notorious Lazarus Group, linked to the FBI and believed to be a North Korean state-sponsored entity, utilized decentralized finance (DeFi) tools like ThorChain and eXch to obscure their activities, managing to convert funds at an impressive rate of $3.2 million per hour.
The hackers involved in the Bybit security breach transferred a staggering 209,384 ETH, valued at $480 million, into Bitcoin primarily through decentralized platforms, with ThorChain being the main facilitator. According to reports, the Bybit hacker has laundered a total of 270,000 ETH (approximately $605 million), which constitutes 54% of the stolen funds, while still retaining 229,395 ETH, worth around $514 million.
Ethereum security analyst Taylor Monahan, along with blockchain analytics firm Arkham Intelligence, highlighted these transactions, which represent over half of the 400,000 ETH stolen from the exchange, in addition to 113,000 ETH-pegged tokens.
In an alarming update, Arkham reported that wallets associated with the Lazarus Group have funneled over $240 million of ETH through ThorChain, primarily swapping these funds for native Bitcoin.
The U.S. Federal Bureau of Investigation (FBI) has attributed this cyberattack to the Lazarus Group, which has been linked to numerous cryptocurrency thefts. The group cleverly employed DeFi protocols to mask their transaction trails, converting parts of the stolen ETH into Bitcoin through ThorChain and the non-custodial exchange eXch shortly after the breach occurred.
ThorChain, a decentralized exchange (DEX) that facilitates cross-chain swaps, processed an impressive 161,490 ETH (approximately $370 million) across 3,900 transactions, pushing the platform’s daily trading volume to a record high of $737 million. Although validators attempted to halt suspicious transfers, the decentralized governance structure of ThorChain allowed transactions to continue after a consensus reversal.
The Lazarus Group utilized sophisticated laundering techniques, dispersing funds across hundreds of wallets and employing tools like Asgardex, DeFiSwap, and ShapeShift for rapid conversions. Monahan noted that the group was swapping ETH for Bitcoin at an average rate of $3.2 million per hour.
This incident has sparked discussions within the ThorChain community regarding its role in enabling large-scale laundering activities. A pseudonymous developer, Pluto, even resigned, expressing concerns about the platform’s inability to prevent illicit activities. Some validators cautioned that a degree of centralization could attract regulatory scrutiny, potentially heightening geopolitical risks.
In response to the situation, Bybit has announced a 5% bounty for those who assist in freezing or recovering the stolen assets, a reduction from the initial 10%. CEO Ben Zhou clarified that this offer is applicable to exchanges, cross-chain bridges, and mixing services.
As the investigation continues, the crypto community remains vigilant, tracking the movements of the stolen funds and discussing the implications of such high-profile hacks on the future of decentralized finance.
