A quick laundry of over $400 million from Bybit’s hack suggests that North Korea may have expanded its business, analysts say.
More than $400 million has been washed in just days since Bybit’s $1.46 billion incident, and analysts at blockchain forensics firm TRM Lab are now raising serious concerns that North Korea may have expanded its laundry business.
In a blog post on February 27th, analysts pointed out that Bybit attackers would travel nearly 5 billion within a week, using intermediate wallets, cipher swaps, decentralized exchanges and cross-chain bridges to hide trails.
“This rapid laundry suggests that North Korea has expanded its money laundering infrastructure, particularly China’s underground financial network has increased its ability to absorb and process illegal funds.”
TRM Lab
You might like it too: “Blind Signature is a problem, but not a major suspect,” experts say about the BYBit $140 million Saga
Analysts note that North Korean hackers usually use crypto mixers to hide stolen funds before cashing out. However, the scale of the Bybit incident forced them to adopt new methods. Instead of a mixer, multiple wallets and decentralized platforms are used to obscure the money trail.
Initially, the stolen Ethereum was sent through the BNB chain and Solana. Most of it is currently being sent to the Bitcoin network. Despite the quick laundering, much of Bitcoin remains untouched, suggesting that attackers are preparing for a massive liquidation through the OTC network, analysts suggest.
Bibit lost $1.46 billion in a multi-stage attack. The attacker reportedly compromised the device of the secure {wallet} developer, causing Bybit’s secure wallet owner to sign a malicious transaction.
read more: The crypto mixer is said to have been used to wash funds stolen from Bybit and Infini. Do Probitcoin countries ban crypto mixers?
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
