According to Bybit CEO Ben Zhou an update shows hackers from the $1.5 billion February theft have shifted their stolen Bitcoin through Bitcoin mixing services and P2P networks.

Through their research Bybit learned that the attackers moved almost 86% or 440,091 ETH into Bitcoin. Most of the stolen money was exchanged through THORChain which operates as a decentralized platform to connect different blockchain networks.

The hackers moved all 12,836 BTC from their theft through 9,117 separate digital wallets averaging about 1.41 BTC each as stated by Zhou.

P2P Sellers Play Key Role in Crypto Laundering

Officials at the exchange suspect North Korean government agents called Lazarus Group performed this attack. The group gets noticed for moving stolen crypto through Bitcoin mix services including Wasabi CryptoMixer and Railgun.

During an interview Zhou revealed Wasabi recently processed 193 Bitcoin which amounted to $16 million before redirecting funds to different P2P sellers.

Wasabi Bitcoin mixer uses CoinJoin technology to combine many transactions to protect the source of incoming funds. P2P sellers who connect buyers and sellers help launder money effectively because official authorities find it harder to locate and recover the stolen crypto.

The number of funds passing through mixers is expected to rise further. Our top obstacle today is cracking the mysteries of mixer transactions according to Zhou.

The hackers made significant advances but Bybit noticed that 88.8% of stolen assets were still identifiable after police intervention locked in 3.5%. Through blockchain monitoring services and their ongoing efforts the exchange tries to uncover and seize the stolen crypto assets.

Blockchain intelligence company Arkham shows that Lazarus Group owns 13,400 BTC stolen mostly from Bybit. The recent cryptocurrency laundering case shows that efficient crime fighting becomes more difficult as cybercriminals use advanced methods to escape detection.