In 2024, rug pulls and DeFi exploits dominated headlines. No major centralized exchange (CEX) hack resulted in billions lost, a trend the crypto community was beginning to associate with improved security—until North Korean hackers struck in February 2025, stealing 500,000 ETH worth over $1.4 billion from Bybit. After the Bybit hack, a big portion of the stolen funds was laundered, mostly through decentralized platforms, with THORChain emerging as the hackers’ favorite.
The Bybit Hack and How THORChain Was Misused
The heist is easily one of the largest in crypto history, and the community hopes it will be the last of this magnitude. Although Bybit continues to operate normally, allowing withdrawals as usual, fears are growing that centralized exchanges may not be as robust as they appear. This perception persists despite the hundreds of millions—if not billions—of dollars spent to reinforce the ecosystem and protect user funds while fostering a supportive environment for some of the best meme coins to invest in 2025 to boom.
THORChain – the community-driven, multi-chain protocol enables users to instantly and cheaply convert tokens. Among its many options, users can swap ETH for Bitcoin (BTC)—precisely what happened with the Bybit stash.
Hackers used THORChain to launder nearly 80% of the stolen funds, converting them to Bitcoin in roughly 10 days. This could prove to be a reputational blow for the decentralized exchange (DEX), coming at the worst possible time.
3.4.25 Executive Summary on Hacked Funds:
Total hacked funds of USD 1.4bn around 500k ETH, 77% are still traceable, 20% has gone dark, 3% have been frozen.
Breakdown:
– 83% (417,348 ETH, ~$1B) have been converted into BTC with 6,954 wallets (Average 1.71 btc each) . This and…— Ben Zhou (@benbybit) March 4, 2025
Will This Proposal Be A Solution?
Aware of the implications, one developer is proposing a fix. In a post on X, they noted that a pull request had been submitted to address this issue. The goal is to, in the future, prevent hackers, scammers, and other bad actors from misusing THORChain.
The proposed solution allows node operators to block specific wallet addresses. Under this mechanism, each node operator processing swaps and transfers on THORChain would manually maintain a list of blacklisted addresses on their servers. For U.S.-based node operators, aligning this list with OFAC- or FBI-sanctioned addresses would ensure compliance with existing laws and restrictions.
Once implemented, only active nodes could determine whether to trace transactions from a given address. For security, nodes filtering transactions from blacklisted addresses would do so privately.
Crucially, only the node operator—or an agency with a subpoena—would know about the blacklisting. Nodes refusing to honor transactions approved by others would face slashing.
As for the funds laundered from the Bybit hack, little can be done—at least for now—since hundreds of millions of dollars worth of ETH remains unrecovered. The pull request aims to mitigate future risks, preventing THORChain from once again enabling money laundering on an unprecedented scale.
EXPLORE: Best Monero Wallets in 2025
Arising Concerns
While this proposal is welcomed, concerns persist about its feasibility. Critics question how node operators will effectively block blacklisted addresses from transactions. At the same time, there are concerns whether this approach makes sense. Hackers can generate millions of new addresses if needed.
From a technical perspective, another critic argues that the proposal won’t enhance transparency. There’s no consensus mechanism requiring 34 nodes to agree on blocking an address. Instead, the list of blacklisted addresses is stored locally on servers, making it difficult to track or verify its use across the network. Others contend that THORChain, as a decentralized protocol, risks compromising its core principles by blocking addresses.
Whether this proposal gains traction and is implemented remains uncertain. What’s clear is that THORChain is taking a reputational hit following the Bybit hack. This could potentially draw scrutiny from law enforcement investigating transactions and enabling nodes. If that happens, RUNE could extend losses from February 2025, further falling away from the best cryptocurrencies to invest in 2025.
DISCOVER: Polkadot Staking
-
Bybit lost over $1.4 billion worth of ETH after hack -
A big chunk of ETH converted to BTC on THORChain as hackers laundered funds -
Developer wants to block this from happening in the future
[/key_takeaways]
Leave a Comment