The hack of the crypto exchange Bybit on February 21, in which more than $1.4 billion was stolen, continues to cause turmoil. More than 54% of the stolen funds have now been laundered through THORChain (RUNE), a decentralized crosschain swap protocol.
According to blockchain analysis company Lookonchain, the hacker has already moved 270,000 ETH ($605 million) and still holds 229,395 ETH ($514 million). Multiple sources, including Arkham Intelligence, point to the North Korean Lazarus Group as responsible for the attack.
THORChain came under heavy criticism for its privacy-focused features, which allow stolen funds to be moved unnoticed. Although some validators voted to block North Korean transactions, this decision was later reversed.
In response, core developer “Pluto” announced his departure on February 27. “Effective immediately, I will no longer contribute to THORChain,” he wrote on X (formerly Twitter). Validator “TCB” also threatened to quit if no measures are taken against the illegal money flows.
The FBI has called on crypto platforms and validators to block the Lazarus Group. According to THORChain founder John-Paul Thorbjornsen, none of the wallets sanctioned by the FBI have had direct contact with the protocol. He defends THORChain and argues that hackers act faster than blockchain control systems can keep up.
Nevertheless, the hack puts pressure on the sector to better combat money laundering practices through decentralized protocols.
Dogecoin
Shiba Inu
Pepe
dogwifhat
Bonk
FLOKI
Bitcoin
Ethereum
Tether
Solana
XRP
Cardano
