Introduction
The North Korean hackers group Lazarus isn’t slowing down. They are moving stolen funds fast, trying to hide the money from what experts call the biggest crypto hack in history—worth $1.4 billion.
Hackers Move Another $138 Million in Ethereum
On March 1, the hackers transferred 62,200 Ethereum (ETH), which equals about $138 million. Now, they have only 156,500 ETH left from the 499,000 ETH they stole on February 21 from Bybit, a crypto exchange.
从昨天下午 3 点黑客恢复洗钱以来,黑客洗走了 6.22 万枚 ETH ($1.38 亿)。
现在黑客从 Bybit 盗取的 49.9 万枚 ETH,已经洗的只剩 15.6 万枚 ($3.46 亿)了。再有个三天时间应该就会被全部清空了。
本文由 #Bitget|@Bitget_zh 赞助 https://t.co/KCEhMwIsnG pic.twitter.com/alJMqyBVVU
— 余烬 (@EmberCN) March 2, 2025
So far, they have laundered 343,000 ETH, which means they have already cleaned 68.7% of what they stole. At this speed, they could finish laundering everything in just three days, according to crypto researcher EmberCN.
FBI Confirms North Korea is Behind the Attack
The Federal Bureau of Investigation (FBI) has no doubt about who’s responsible. On February 26, the FBI released a public warning, blaming North Korea for the Bybit hack.
They call this cyberattack “TraderTraitor,” and they say the hackers are moving fast.
- The hackers aren’t just keeping Ethereum. They are converting it into Bitcoin, DAI stablecoin, and other cryptocurrencies.
- They aren’t using just one wallet either. Instead, they are spreading the money across thousands of different wallets on multiple blockchains to make it harder to track.
FBI Asks Crypto Companies for Help
The FBI doesn’t want to let the hackers get away with it. So, they are asking for help from the crypto industry to block transactions connected to the stolen funds.
They have reached out to:
- Crypto exchanges
- DeFi services
- Blockchain analytics firms
- Cross-chain bridges
- RPC node operators
The FBI also released wallet addresses linked to the hackers. Meanwhile, blockchain security firm Elliptic flagged over 11,000 suspicious wallets that might be part of the scheme.
How the Hackers Are Hiding the Money
The Lazarus Group isn’t just moving money. They are using clever tricks to cover their tracks.
- Crypto mixers help them mix stolen money with legal funds, making it hard to trace.
- Decentralized exchanges let them trade without showing ID.
- Cross-chain bridges allow them to hop from one blockchain to another.
- Instant swap services quickly turn Ethereum into different cryptocurrencies.
Can They Be Stopped in Time?
The FBI is racing against time to track the stolen funds. But Lazarus Group is moving even faster.
If nothing changes, they could clean out the rest of the stolen money in just three days.
The Bybit hack proves that cybercriminals can still move massive amounts of stolen crypto—even when the government is watching. The next few days will be critical. Can authorities slow them down, or will the stolen money vanish forever into the crypto world?
