As the attackers attempt to conceal their activities, the pilferers from the $1.4 billion Bybit crypto exchange hack are likely to target cryptocurrency mixers. Analysts say the Lazarus Group connected to North Korea is behind the theft and is now trying to hide the transaction path.
The organization has begun distributing the pilfers via several wallets and dispersed exchanges in line with their regular laundering schedule. Blockchain specialists believe the next phase might be more obfuscation of transactions utilizing mixing services. Still, managing such a large sum of pilfered money could provide practical challenges.
The hackers had already distributed the money to fifty separate wallets, each containing roughly 10,000 ETH, within hours following the attack. Reports suggest that at least 10% of the pilfers have relocated, indicating ongoing efforts to conceal the theft path.
Analyses have also connected the laundering process to a specific exchange, supposedly enabling anonymous transactions. Bybit has made an inquiry, but it appears that the exchange has not blocked any suspicious activity in response, which raises questions about their involvement in the laundering process. The platform has formally denied any participation, though.
Using mixers and peer-to-peer networks, the Lazarus Group has historically effectively laundered hundreds of millions in stolen bitcoin. More lately, thieves have been changing their methods to avoid detection and moving toward cross-chain bridges to enable illegal transactions.
Bybit has reassured consumers by fully covering the pilfers and intending to publish an audited proof-of-reserve report not too far off. The episode emphasizes the continuous risk of cyberattacks in the cryptocurrency sector and the changing strategies hackers apply to transfer illegal money.
