## Detailed Analysis and Report: Timeline of Bybit’s Stolen ETH Laundering
Introduction
In a recent high-profile cryptocurrency heist, Bybit suffered a significant loss of approximately $150 million. The Lazarus Group, known for its sophisticated cyber warfare strategies, was implicated in the attack. This report provides a detailed timeline and analysis of how the stolen Ethereum (ETH) was laundered, highlighting the complex strategies employed by the hackers.
Initial Conversion and Fund Flow
1. Conversion of Illiquid Assets: The Lazarus Group began by converting illiquid assets, such as staked tokens, into more fungible assets like Ether (ETH). This conversion made it easier to move the funds on-chain. At least $20 million in staked tokens was converted into ETH following the Bybit hack[1].
2. Complex Fund Flows: After converting illiquid assets into liquid ones, the hackers created a complex network of fund flows. They used an intermediary wallet maze to obfuscate the trail, making it difficult for blockchain analysts to track the funds[1].
Money Laundering Process
1. Decentralized Exchanges and Cross-Chain Bridges: The stolen ETH was laundered through decentralized exchanges (DEXs), cross-chain bridges, and instant swap services. These platforms do not require Know-Your-Customer (KYC) verification, allowing the hackers to maintain anonymity[1].
2. Conversion to Bitcoin and Stablecoins: Most of the ETH was eventually converted into Bitcoin and stablecoins like Dai. This conversion helped to further obscure the origin of the funds[1].
3. Splitting Funds: Throughout the laundering process, the hackers continuously split the stolen funds into smaller pools. Initially, the funds were split from one wallet into 42 wallets, and in subsequent transfers, these funds were further divided into thousands of wallets[1].
Timeline of Key Events
– Bybit Hack: The initial hack resulted in the theft of approximately $150 million, marking one of the largest cryptocurrency heists in history[1].
– Initial Laundering: Within days, the hackers began laundering the stolen ETH, using complex strategies to avoid detection[2].
– Progress of Laundering: As of recent reports, the hackers have successfully laundered about 50% of the stolen ETH, amounting to 266,309 ETH over a period of five and a half days[2].
– Dormant Wallets: To avoid scrutiny, some wallets holding stolen funds remain dormant. This strategy allows the hackers to wait for the attention to die down before further action[1].
Conclusion
The Bybit hack and subsequent laundering of stolen ETH highlight the sophisticated strategies employed by cybercriminals like the Lazarus Group. Their ability to convert illiquid assets into liquid ones, create complex fund flows, and utilize decentralized platforms for laundering has allowed them to evade detection effectively. However, the cryptocurrency community and blockchain analysts continue to work together to track and prevent such activities, demonstrating a united front against crypto crime.
References
[1] Jinse Finance: Uncovering Lazarus’ money laundering strategy
[2] BBX: Bybit hackers have successfully whitewashed 50% of the stolen ETH
Related sources:
[1] followin.io
[2] bbx.com