Joao Wedson, founder of cryptocurrency analytics firm Alphractal, has weighed in on the ongoing efforts to track down and recover $1.5 billion worth of Ethereum (ETH ($2,724.59)) stolen from Bybit.
According to Wedson, the hacker has already dispersed the funds across multiple addresses and platforms, making recovery efforts significantly more difficult.
The stolen ETH was transferred through various decentralized exchanges (DEXs) and financial platforms, including OKX (Dex Router), Uniswap, Pendle Finance, Kilnfi (staking), and DLN Trade. Additionally, while a portion of the funds went to Arbitrum, other amounts went to centralized exchanges like KuCoin and smaller, less regulated platforms like Exchcx.
The hacker’s strategy follows a classic money laundering scheme: splitting funds into smaller transactions and spreading them across different platforms to hide their tracks. Estimates suggest that around 35% of ETH addresses on the exchange remain unlabeled, making it difficult for investigators to associate them with specific assets.
Wedson noted that the patterns of movement point to the use of automation and crypto mixers, further complicating monitoring efforts. Some wallets that initially held 400 ETH expanded to 1,500 ETH and eventually reached 13,000 ETH before being fragmented again. Despite these complex movements, at least 60,000 ETH from the initial attack remained intact, raising questions about the hacker’s next move.
Related News: Watch Out: 19 Altcoins Have Massive Token Unlocks in the New Week – Here is the Day by Day, Hour by Hour List
Ethereum’s decentralized and anonymous nature makes recovery efforts particularly difficult. While blockchain transactions are transparent, tracking stolen assets becomes extremely difficult when sophisticated obfuscation techniques are used.
Speculation about the attack points to North Korean hacker groups, but Wedson cautions against premature conclusions. “The blockchain does not store identities, only addresses, and any attribution is based on manual labeling or machine learning,” he explained. Skilled hackers often manipulate transaction behavior to mislead investigators, creating false traces that make precise attribution difficult.
Wedson believes that given the scope of the laundering operation, it is increasingly unlikely that the stolen Ethereum will be recovered. While exchanges and blockchain analytics firms attempt to block and track certain transactions, decentralized platforms and privacy-focused tools provide effective protection for cybercriminals.
“Some of the stolen ETH could be cashed out via decentralized exchanges in the coming days, making tracking even more difficult,” Wedson said. If darknet markets are involved, tracing the funds will become nearly impossible.
*This is not investment advice.
Continue Reading: Is It Possible to Recover the $1.5 Billion Ethereum (ETH) Stolen from Bybit?
