North Korean hackers have successfully laundered at least $300 million from their record-breaking $1.5 billion cryptocurrency heist, making it nearly impossible to recover.
The attack, carried out by the notorious Lazarus Group, targeted crypto exchange Bybit two weeks ago, marking one of the largest thefts in digital asset history.
Since the breach, authorities and blockchain analysts have been engaged in a high-stakes game of cat and mouse, attempting to track and freeze the stolen funds.
North Korean Hackers Operate 24/7 to Fund Military and Nuclear Programs
Experts say the hackers are highly sophisticated, operating 24/7 in what is believed to be a state-backed effort to fund North Korea’s military and nuclear programs.
“Every minute matters for the hackers who are trying to confuse the money trail,” said Dr. Tom Robinson, co-founder of crypto investigation firm Elliptic.
He noted that North Korea is the most advanced player when it comes to laundering stolen digital assets.
“I imagine they have an entire room of people doing this, using automated tools and years of experience,” Robinson added.
Analysis from Bybit and Elliptic suggests that 20% of the stolen funds have already “gone dark,” meaning they are unlikely to ever be recovered.
To combat the hackers, Bybit has launched the Lazarus Bounty Program, offering rewards for anyone who helps track and freeze stolen assets.
As all crypto transactions are recorded on the public blockchain, the stolen funds can still be traced—at least until they are successfully converted into fiat currency.
So far, 20 individuals have received over $4 million in rewards for helping identify $40 million of the stolen funds, leading to their freezing.
However, experts warn that recovering the remaining assets remains a major challenge, given North Korea’s expertise in hacking and money laundering.
Crypto Exchanges Under Scrutiny
Another major obstacle in stopping the laundering process is the lack of cooperation from some crypto exchanges.
Bybit has accused rival platform eXch of allowing hackers to cash out more than $90 million in stolen funds.
The owner of eXch, Johann Roberts, initially denied the allegations, stating that his company had a long-running dispute with Bybit and was unsure if the funds were linked to the hack.
However, Roberts later told BBC his exchange is now cooperating.
Despite these efforts, cybersecurity experts warn that North Korea’s state-sponsored cybercrime operations will continue as long as crypto platforms remain divided on how to handle illicit transactions.
“North Korea has built a successful industry for hacking and laundering crypto, and they don’t care about the negative perception of cybercrime,” said Dr. Dorit Dor of Check Point Security.
With over $1.2 billion still missing, tracking the remaining funds remains a race against time.
As reported, Chainflip, a cross-chain DEX, is preparing a protocol upgrade aimed at preventing hackers responsible for the recent $1.4 billion Bybit hack from using its platform to launder stolen assets.
The upcoming 1.7.10 upgrade introduces enhanced screening tools that allow broker operators—including platforms like SwapKit and the Rango DEX aggregator—to reject suspicious deposits of ETH and ERC-20 tokens.
The post North Korean Hackers Already Laundered $300M from Record $1.5B Bybit Heist appeared first on Cryptonews.
