Beosin: Once the funds related to the Bybit exchange hacker attack enter the Tornado.cash mixer, the fund penetration analysis will be immediately initiated
02-22 11:01

Odaily News The Beosin security team conducted in-depth tracking and analysis of the stolen funds in the Bybit exchange hacker attack. The study found that one of the stolen funds deposit addresses, 0x36ed3c0213565530c35115d93a80f9c04d94e4cb, transferred 5,000 ETH to the split address 0x4571bd67d14280e40bf3910bd39fbf60834f900a at 06:28:23 UTC on February 22, 2025. Subsequently, the funds were split into amounts ranging from tens to hundreds of ETH at a frequency of once every few minutes, and further transferred to multiple addresses. It is worth noting that after multiple transfers, some funds attempted to cross-chain to the BTC chain address bc1qlu4a33zjspefa3tnq566xszcr0fvwz05ewhqfq through Chainflip, indicating that hackers attempted to further conceal the flow of funds through cross-chain operations.
In addition, at 07:44:47 UTC on February 22, 2025, the split address transferred 56.68 ETH to the black address 0x33d057af74779925c4b2e720a820387cb89f8f65. This address is marked as "Hacker: Phemex Hacker" in the Beosin tag library, and the "Phemex Exchange $85 million theft" was done by the well-known hacker group Lazarus Group. This key discovery further confirms our previous inference based on the similarity between the attack mode and the WazirX incident, that is, the Bybit exchange hacker attack is very likely related to the Lazarus Group.
It is worth mentioning that in the Phemex incident, some of the stolen funds were transferred to mixers such as Tornado Cash to conceal their flow. For the Bybit incident, we are fully prepared. Once the relevant funds enter the Tornado.cash mixer, Beosin will immediately start the fund penetration analysis. The special working group has been equipped with the latest version of the Tornado Cash penetration algorithm, and several professional analysts who have successfully completed fund penetration in similar cases have joined to ensure that the flow of funds can be tracked efficiently and provide strong support for subsequent actions. At present, the Beosin security team is cooperating with the Bybit security team to track funds.

最热快讯
资讯热榜
日榜
周榜
Satoshigallery: Satoshi Nakamoto sculpture found
Trump and Treasury Secretary Benson are actively searching for the next Federal Reserve chairman.
U.S. Trade Representative says tariff policy will remain largely unchanged
Hassett: Not eager to run Bureau of Labor Statistics
The Blue Origin spacecraft that Sun Yuchen took has been launched
Michael Saylor: Winter Won't Come Back