Crypto Exchange eXch Denies Involvement in Bybit Hack Laundering Scheme

In a dramatic twist following one of the largest crypto heists to date, non-KYC exchange eXch has strongly denied allegations linking it to the laundering of stolen funds from Bybit’s $1.4 billion hack. While blockchain investigators have pointed to activity on the platform, eXch maintains that any involvement was isolated and not part of a broader laundering operation. You can read more about the Bybit Hacked: Inside the $1.5 Billion Crypto Heist here.

On February 21, 2025, hackers breached Bybit’s Ethereum cold wallet, netting over $1.4 billion in a single, high-profile attack. Prominent blockchain analysts—including ZachXBT and Nick Bax—have suggested that North Korea’s state-sponsored Lazarus Group was behind the audacious crime. In the aftermath, a notable surge in eXch’s ETH volume was observed: within just 24 hours, over 20,000 ETH flowed through the exchange, a stark contrast to its typical daily average of roughly 800 ETH.

Critics argue that the sudden influx is more than a coincidence. Nick Bax of the Security Alliance estimated that approximately $30 million in hacked funds passed through eXch on the day of the breach, while ZachXBT cited figures approaching $35 million. Among these dubious transactions, a misdirected transfer of 34 ETH—valued at around $96,000—to another exchange’s hot wallet has raised additional red flags.

In response to the mounting allegations, eXch took to Bitcointalk on February 23 to refute the claims, dismissing them as “FUD.” The exchange clarified that while a small fraction of the stolen funds did enter its wallet, it was a singular occurrence rather than evidence of systematic money laundering. Furthermore, eXch vowed that any fees collected from this transaction would be donated to open-source privacy projects, underscoring its commitment to transparency and community benefit.

Meanwhile, Bybit has successfully frozen over $42 million in the stolen assets through coordinated efforts. However, its attempts to restrict flagged wallet addresses have met with resistance from eXch, which accuses Bybit of tarnishing its reputation by freezing funds related to legitimate past transactions involving its users.

Bybit CEO Ben Zhou has since called for a unified industry response to prevent hackers from easily cashing out ill-gotten gains. “At this point, it’s not just about Bybit,” Zhou noted on X (formerly Twitter), emphasizing that the challenge lies in reshaping the industry’s approach toward digital asset security.

Security firm SlowMist has added its voice to the growing chorus, urging crypto platforms to implement stricter risk controls, particularly on non-KYC exchanges. As state-sponsored groups like Lazarus continue to exploit regulatory loopholes, the broader crypto community is left grappling with both the technological and regulatory implications of this unprecedented breach.

As the dust settles on one of crypto’s most significant heists, the debate intensifies: How can the industry better safeguard assets while maintaining a balance between privacy and regulatory oversight? For now, eXch remains adamant in its denial, leaving both users and regulators to navigate the murky waters of digital asset security.