The Full Story: Did eXch “Launder” Stolen Crypto from the Bybit Hack for North Korean Hackers “Lazarus Group”?

And if they did… does that mean we should use them less, or MORE?

March 03, 2025
By: Trevor Baaddi

In late February, the crypto exchange Bybit was hacked, allegedly by the North Korean based “Lazarus Group“. The result was the loss of roughly 400,000 Ethereum (ETH)… $1.5 billion in assets… in the largest cryptocurrency theft on record. A hot topic inside crypto circles since has been, did eXch launder stolen crypto for the theives?

Since the breach, authorities and blockchain analysts alike have been engaged in a high-stakes game of cat and mouse, attempting to track and freeze the stolen funds. Experts say the hackers are highly sophisticated, operating 24/7 in what is believed to be a state-backed effort to fund North Korea’s military and nuclear programs.

“Every minute matters for the hackers who are trying to confuse the money trail,” said Dr. Tom Robinson, co-founder of crypto investigation firm Elliptic. He noted that North Korea is the most advanced player when it comes to laundering stolen digital assets.

What is eXch, and What Was Their Role in This?

Popular no-KYC crypto exchange eXch.cx has been widely used and long-trusted by many in the crypto industry… but also by users of the notorious “Darknet“. It is an inexpensive and nearly instant tool used to exchange many types of cryptocurrencies, anonymously. The fact that they don’t require any user information, typically called “KYC”, and do not trace the source or destination of coins, make them a convenient option for users who desire privacy… but also for theives and other criminals.

By using an instant exchange like eXch, and converting the stolen Ethereum to the untraceable privacy coin Monero, the theives were allegedly able to quickly launder hundreds of millions of dollars worth of stolen crypto. Since this process has been proven to be effective at hiding the source of any digital token from governments, banks, exchanges, or other enforcement agencies, once this process takes place, the possibility of tracking and recovering the stolen funds becomes almost zero.

To combat the hackers, Bybit has launched the Lazarus Bounty Program, offering rewards for anyone who helps track and freeze stolen assets. Both Ben Zhou and eXch Support declined our requests for a comment for this article.

Did eXch Do Anything Wrong, or is Crypto a Fungible Asset?

The guilty party in this case is the criminal hacker group Lazarus. The person responsible for losing customer funds stored on the centralized exchange was Bybit’s CEO himself. Having relied on outdated software to protect a preposterous amount of money, held in a single wallet, he signed the fateful transaction himself. Despite this, news agencies such as the BBC have pushed the narrative the somehow a potential solution to such cybercrime is to make every cryptocurrency transaction public, and tied to a citizen’s identity. This is an action that would not have prevented the attack or returned the funds, but is something that has been a common attack on crypto since the original days of Satoshi.

Bitcoin, and cryptocurrency as we know it, was created by the pseudonymous Satoshi Nakamoto. In my opinion, “he” was most likely a collective team of long-time cypherpunk software engineers lead by Hal Finney.

The primary goal of the project, according to the Bitcoin White Paper, was to create a fungible means of transfer that could be used anonymously. All that eXch, the developers and users of Monero, and their supporters in the Libertarian movement are attempting to do is maintain this original vision.

The Lowdown.

Ultimately, either crypto can be a fungible currency like cash, used seamlessly for global trade, or not. Individuals and companies that enable this, like eXch, are only reason the crypto continues to exist.

This publications and its authors support the right of every individual to spend and save their money as they please.