ZachXBT: Crypto Industry Can't Handle Hacks Alone

The cryptocurrency detective emphasised that decentralised services profit from the hackers' activities, while centralised exchanges are too slow to respond.

Crypto detective ZachXBT said that after investigating the attack on the exchange Bybit, he came to the conclusion that the cryptocurrency industry is unable to handle the consequences of the hacks on its own. However, he also pointed out that forced regulation could harm the entire industry.

"The long hours I spent helping freeze funds after the Bybit hack opened my eyes. This industry is incredibly vulnerable to hacker attacks and, unfortunately, I don't know if it can make it on its own until the government imposes regulations that will damage the entire industry," wrote ZachXBT on his Telegram channel.

On 21 February, Bybit suffered the largest hack in the history of the crypto market. Hackers took about $1.4 billion in Ethereum and other assets from the exchange. According to analysis, the attack has been linked to the North Korean hacker group Lazarus.

Bybit declares "war" on North Korean hackers

A few days after the hack, Bybit launched the LazarusBounty platform, where users can help track down the stolen funds and the addresses of those responsible, receiving a reward for their help.

Crypto projects that have contributed to tracking and freezing the stolen funds

The portal includes a list of crypto projects that have cooperated in the investigation, as well as a list of services that have refused to cooperate.

The list of trusted projects includes 17 names, including stablecoin issuers Tether and Circle, centralised exchanges Binance, Coinbase, OKX, Bitget, MEXC, Gate, and decentralised services such as FixedFloat, ParaSwap and Wintermute. Also present was the T3 Financial Crime Unit, a collaboration between blockchain Tron, Tether and analysts from TRM Labs.

Of the services that did not collaborate, the eXch exchange stands out, through which $94 million passed. More than 1,000 requests have been sent to the platform, but it has refused to cooperate, recalling that Bybit had previously denied assistance to eXch.

Other services that have facilitated the passage of stolen funds include the TradeOgre marketplace, the THORChain blockchain bridges, Maya Protocol, Li.fi, TransitSwap and the Wasabi Wallet crypto mixer.

ZachXBT pointed out that some 'decentralised' protocols recorded almost 100 per cent of their monthly trade volume thanks to transactions from North Korea, refusing to take any responsibility.

THORChain record volumes recorded after hack of bybit

The hackers' activity led to record volumes on the THORChain protocol. According to EmberCN, in the ten days following the attack, transaction volume on the platform reached $5.9 billion, with $5.5 million in commissions generated.

"Centralised exchanges are even worse"

According to ZachXBT, centralised exchanges are even less effective: when they receive illicit funds, they take hours to respond, while it only takes minutes for hackers to launder the money.

"KYT is flawed and easy to bypass. KYC is just a trap for ordinary users and in most cases is useless as hackers buy verified accounts. The recent laundering of $1.4 billion by North Korea demonstrated how ineffective it is," wrote the crypto detective.

To date, Bybit has only managed to freeze 3.2% of the stolen funds ($44.7 million). Requests for 6.8% of the assets are still pending, while 90% of the funds are still being traced.