Bybit: 89% of stolen $1.4B crypto still traceable post-hack

The lion’s share of the hacked Bybit funds is still traceable after the historic cybertheft, as blockchain investigators continue their efforts to freeze and recover these funds.

The crypto industry was rocked by the largest hack in history on Feb. 21, when Bybit lost over $1.4 billion in liquid-staked Ether (stETH), Mantle Staked ETH (mETH) and other digital assets.

Blockchain security firms, including Arkham Intelligence, have identified North Korea’s Lazarus Group as the likely culprit behind the Bybit exploit, as the attackers have continued swapping the funds in an effort to make them untraceable.

Despite the Lazarus Group’s efforts, over 88% of the stolen $1.4 billion remains traceable, according to Ben Zhou, the co-founder and CEO of Bybit exchange.

The CEO wrote in a March 20 X post:

“Total hacked funds of USD 1.4bn around 500k ETH. 88.87% remain traceable, 7.59% have gone dark, 3.54% have been frozen.”

“86.29% (440,091 ETH, ~$1.23B) have been converted into 12,836 BTC  across 9,117 wallets (Average 1.41 BTC each),” said the CEO, adding that the funds were mainly funneled through Bitcoin (BTC) mixers including Wasbi, CryptoMixer, Railgun and Tornado Cash.

The CEO’s update comes nearly a month after the exchange was hacked. It took the Lazarus Group 10 days to launder 100% of the stolen Bybit funds through the decentralized crosschain protocol THORChain, Cointelegraph reported on March 4.

Still, blockchain security experts are hopeful that a portion of these funds can be frozen and recovered by Bybit.

Related: Can Ether recover above $3K after Bybit’s massive $1.4B hack?

Bybit paid $2.2M for Lazarus “bounty hunters”

The crypto industry needs more blockchain “bounty hunters” and white hat, or ethical hackers, to combat the growing illicit activity from North Korean actors.

Decoding transaction patterns through cryptocurrency mixers remains the biggest challenge in tracing these funds, Bybit’s CEO wrote, adding:

“In the past 30 days, 5012 bounty reports were received of which 63 were valid bounty reports. We welcome more reports, we need more bounty hunters that can decode mixers as we need a lot of help there down the road.”

Bybit has awarded over $2.2 million worth of funds to 12 bounty hunters for relevant information that may lead to the freezing of the funds. The exchange is offering 10% of the recovered funds as a bounty for white hat hackers and investigators.

Related: Bybit exploit exposes security flaws in centralized crypto exchanges

The Bybit attack highlights that even centralized exchanges with strong security measures remain vulnerable to sophisticated cyberattacks, analysts say.

“This incident is another stark reminder that even the strongest security measures can be undone by human error,” Lucien Bourdon, an analyst at Trezor, told Cointelegraph.

Bourdon explained that attackers used a sophisticated social engineering technique, deceiving signers into approving a malicious transaction that drained crypto from one of Bybit’s cold wallets.

The Bybit hack is more than twice the size of the $600 million Poly Network hack in August 2021, making it the largest crypto exchange breach to date.

Magazine: Trump’s crypto ventures raise conflict of interest, insider trading questions