In a shocking development, cybersecurity analysts have confirmed that North Korean hackers are behind a massive $1 billion+ crypto theft from Bybit, and have already laundered most of the stolen funds in under six months.
This marks one of the fastest and most sophisticated laundering operations seen in the crypto world to date.
The funds were stolen in a series of breaches and exploits targeting Bybit’s hot wallets earlier this year. While the exchange initially reported “unauthorized activity,” detailed blockchain analysis now links the attack to Lazarus Group, North Korea’s elite state-sponsored hacking team.
Blockchain tracking platforms like Chainalysis and Elliptic have flagged aggressive laundering patterns, including mixer usage (e.g., Tornado Cash), cross-chain swaps, DeFi pools, and peel chain techniques—all designed to obfuscate the trail.
Laundering at Lightning Speed Raises Global Alarm
What’s especially alarming is the speed and scale of the laundering process. In just six months, the stolen funds have been split, anonymized, and moved across dozens of wallets and networks, making it incredibly difficult for authorities to freeze or recover the assets.
Analysts estimate that over 85% of the stolen crypto has already been laundered, with large portions being converted to stablecoins and routed through lesser-known exchanges, many located in regions with limited enforcement cooperation.
“This isn’t just a crypto exchange hack—it’s an international cybercrime operation backed by a nation-state,” said a digital asset investigator involved in the case.
The attack highlights a growing pattern: North Korea increasingly funds its weapons and military programs through crypto crime. The UN has repeatedly warned about the regime’s use of cyber warfare to bypass international sanctions.
Bybit has since beefed up its security infrastructure and is working with global agencies, including Interpol and the FBI, to assist in the investigation. A reward has also been offered for any information leading to the identification of laundering endpoints or exchange accounts involved.
Despite the damage, the case sends a clear message: even elite hacker groups leave a trail, and blockchain forensics is evolving fast to meet these threats.