Blockchain sleuth ZachXBT slammed pseudo decentralized protocols for profiting from North Korea-backed exploits.
The crypto industry’s handling of hacks and shady activity is coming under fire, with blockchain sleuth ZachXBT calling out several pseudo-decentralized protocols for profiting from North Korea-linked exploits while avoiding responsibility.
In a Telegram post on Tuesday, March 18, the crypto investigator called the nearly $1.5 billion Bybit hack “eye opening,” warning that the industry’s security problems might not improve without government regulations that could “hurt our entire industry.”
Per ZachXBT, several “decentralized” protocols have generated nearly all of their monthly volume and fees from transactions linked to North Korea. Despite this, the investigator notes, they “refuse to take any accountability.”
ZachXBT’s comments seem to point to mixing service eXch and multi-currency protocol THORChain, among others, which profited after North Korean bad actors funneled stolen Bybit funds through them in an attempt to launder. As crypto.news reported earlier, less than two weeks after the heist, Bybit CEO Ben Zhou stated that more than $200 million of the $1.46 billion stolen from the exchange had become untraceable, partly due to mixing services refusing to halt North Korean hackers.
KYC as honeypot
ZachXBT also pointed to centralized exchanges, stating that some take “multiple hours” to respond to illicit funds moving through their platforms, even though laundering “only takes minutes.” It’s unclear which exchanges the investigator was referring to.
Criticizing existing security measures, he argued that know your transaction systems are “completely flawed and easily evadable,” while know your customer rules mostly serve as a “honeypot for regular users” due to frequent breaches and insider leaks.
In late February, North Korean hackers targeted Bybit, one of the largest cryptocurrency exchanges, stealing around $1.46 billion worth of crypto in a highly sophisticated heist. The attack was reportedly carried out by compromising the computer of an employee at Safe, Bybit’s technology provider.
