A blockchain analyst known by the pseudonym EmberCN has discovered that by hacking a cryptocurrency exchange bybit laundered stolen digital assets worth $224 million.
The hackers who attacked bybit, have laundered 89,500 ETH (worth about $224 million) over the past two and a half days, which is 18% of the total amount of stolen ETH (499,000 [including staked Ethereum]).
The hackers are expected to exchange the remaining 410,000 ETH [actually 409,500] for other assets (such as Bitcoin, DAI, and others) within the next two weeks, said cyberthreat researcher Vladimir.
According to EmberCN, to launder the stolen Ethereum, the attackers use the decentralized financial protocol THORCHain, which allows converting cryptocurrencies issued in different networks. In particular, it can be used to exchange ETH for BTC, and BNB (BNB) for Dogecoin (DOGE). THORChain belongs to DeFi, which is apparently why its developers cannot block hackers from accessing the service and block stolen ETH.
The staff of the channel about hacker attacks Kotya Security published a preliminary report on the hack bybit, which shed light on how criminals managed to steal $1,4 billion worth of Ethereum. Experts believe that the attackers compromised all the devices used to approve the withdrawal of cryptocurrency from a multi-signature wallet. Thanks to this, they were able to empty the exchange’s crypto storage and transfer ETH to a wallet belonging to them.
Transferring cryptocurrency from a crypto wallet bybit in the hackers’ crypto storage