Bybit’s $1.4B in Hacked Crypto Still Largely Traceable
According to a new report on X by Bybit’s Chief Executive Officer (CEO), Ben Zhou, cybersecurity investigators have reported that 77% of an estimated $1.4 billion in stolen cryptocurrency from the Bybit hack remains traceable. 20% has gone dark, and 3% has been frozen. The stolen funds, totaling around 500,000 ETH, were largely converted to Bitcoin, with ongoing efforts to track and freeze them before they are moved through exchanges and peer-to-peer transactions. Majority of Bybit’s $1.4 Billion in Hacked Crypto Traced to Bitcoin Conversions According to Bybit’s CEO report, a significant portion of the stolen assets, approximately 417,348 ETH, valued at nearly $1 billion, was swapped for Bitcoin across 6,954 wallets. Investigators identified THORChain as the primary platform facilitating these conversions, with 361,255 ETH, or 72% of the total, processed through the network. Another 79,655 ETH, representing 16% of the stolen funds, remains unaccounted for after passing through the ExCH platform, which has yet to provide further updates. Additionally, 40,233 ETH, valued at around $100 million, moved through OKX Web3 proxy services. Of this, 16,680 ETH is still traceable, while 23,553 ETH, roughly $65 million, has become untraceable, pending further information from OKX Web3. Efforts to Freeze Funds and Bounty Payouts Authorities and cybersecurity specialists are working to halt further movement of the stolen cryptocurrency, with this week deemed crucial for freezing efforts before transactions clear through exchanges, over-the-counter markets, and peer-to-peer channels. A bounty program has led to the freezing of some stolen funds, with 11 contributors assisting in tracking and stopping transactions. Among them, Mantle, Paraswap, and blockchain investigator ZachXBT played key roles. In recognition of these efforts, $2.18 million in USDT has been distributed to bounty participants. Further details on the investigation and ongoing recovery efforts are available at Lazarusbounty.com, where authorities are coordinating intelligence sharing. Ongoing Investigations and Risks Despite the progress, investigators warn that a substantial portion of the stolen assets could become permanently lost if successfully laundered through various crypto platforms. The case highlights ongoing challenges in tracking illicit cryptocurrency flows, particularly through decentralized finance networks and privacy-focused services.Authorities continue to monitor suspicious transactions and work with exchanges to prevent further laundering of the stolen funds.
Chainflip Implements Measures to Block Illicit Transactions Following Bybit Hack
Chainflip, a leading decentralized cross-chain protocol, has announced enhanced security measures to block illicit transactions on its network. The decision follows the detection of suspicious flows linked to the recent Bybit hack. The new safeguards, aimed at protecting liquidity providers (LPs) and maintaining network integrity, are set to be implemented within the next 24 to 72 hours. The protocol’s team collaborated with the community, liquidity providers, interface operators, and a majority of validator providers to formulate the plan. The initiative seeks to prevent exposure to high-risk transactions, ensuring a safer environment for LPs. In response to the Bybit incident, Chainflip temporarily disabled access to its primary interface and has since coordinated with partners to prevent any illicit flows from impacting the protocol. Enhanced Broker-Level Screening Introduced The upgraded security measures are primarily centered on broker-level screening. In version 1.7.10, brokers—an intermediary role enabling interfaces to interact with the network—can now reject high-risk deposits not only in Bitcoin but also in Ethereum and all ERC-20 tokens. These rejected deposits are automatically refunded to users. To counter potential evasion, Chainflip is collaborating with key partners, including SwapKit and RangoExchange, who possess advanced screening tools. These partners will be whitelisted on the network, allowing them to reject any suspicious deposits facilitated by any broker. This approach is designed to provide a more comprehensive safeguard against illicit flows. Safeguarding LPs and Ensuring Network Integrity Chainflip’s enhanced monitoring system involves close cooperation with blockchain analytics firms such as Elliptic and Chainalysis, as well as ongoing communication with the Bybit team. The protocol aims to prevent its platform from being used by wallets linked to criminal activities, thereby minimizing risks for liquidity providers. The upgrade is intended to bolster confidence among LPs, encouraging them to contribute more capital while reducing exposure to security threats. As a result, Chainflip expects improved liquidity and competitiveness within the decentralized finance (DeFi) sector. While some critics have labeled the temporary shutdown of swap.chainflip.io as centralization, Chainflip maintains that its decision was driven by commercial and ethical considerations rather than regulatory pressure. The protocol emphasizes its commitment to safeguarding its ecosystem from criminal activity while preserving its decentralized nature. Following deployment and testing, Chainflip plans to restore access to its main interface and resume normal operations. The team has pledged to monitor network activity closely and enhance protective measures if needed, reaffirming its dedication to maintaining a secure and reliable DeFi environment.
