eXch Denies Laundering From Bybit’s $1.4B Hack, Community Touts Exchange’s Handling

Cryptocurrency exchange eXch has issued a formal denial of allegations that it helped launder funds from the $1.4 billion Bybit hack on February 21, 2025.

The exchange posted a statement on Bitcointalk forum confirming it processed only a small amount of the stolen funds through a single Ethereum address.

Blockchain investigators claim the platform handled over $30 million from wallets linked to North Korea’s Lazarus Group.

The conflicting narratives come as Bybit works to recover the largest cryptocurrency theft in history, with CEO Ben Zhou calling for industry cooperation to block the flow of stolen assets.

ZachXBT reported eXch procesed Bybit stolen funds

On-chain sleuth ZachXBT reported eXch processed $35 million of the stolen Bybit funds, with the exchange accidentally sending 34 ETH ($96,000) to another platform’s hot wallet.

Security firm SlowMist backed these claims, noting “large amounts of ETH” converted through eXch, while Security Alliance member Nick Bax estimated the exchange handled about $30 million in volume for North Korean actors.

– Advertisement –

eXch maintains only one Ethereum address, which received any funds connected to the hack.

The exchange called this “an isolated case” and pledged to donate the trading fees from these transactions.

In their forum statement, eXch pushed back against broader laundering accusations, stating no other addresses on the Ethereum blockchain interact with their platform besides standard deposit addresses.

The dispute has taken a personal turn, with eXch citing past grievances against Bybit.

In response to requests to freeze suspicious funds, eXch referenced incidents where Bybit allegedly froze their users’ deposits and ignored communication attempts, questioning why they should assist an organization that “undermined our reputation.”

Analysts like Michaël van de Poppe also highlighted the beauty of crypto and the future of finance. He also added how the exchange handled the situation.

A New Crisis Management Model

Bybit’s handling of the incident created a new model for crisis management in cryptocurrency.

The exchange sent its first message within 30 minutes of discovering the hack. CEO Ben Zhou took personal ownership of communications.

Regular updates followed, including details about the $42 million in stolen funds frozen through “coordinated effort” with industry partners.

The scale of the theft – more than double previous records like the $625 million Ronin bridge hack and $611 million Poly Network incident – sparked widespread industry action.

Tether CEO Paolo Ardoino highlighted the crypto community’s unified response.

Analyst Michaël van de Poppe pointed to the stability of crypto infrastructure. He noted that Bybit processed over $4 billion in withdrawals without disruption despite losing $1.5 billion.

Yet eXch’s resistance to cooperation reveals gaps in industry unity. Their public refusal to assist Bybit, citing past disputes, drew criticism from Zhou, who framed the issue beyond company rivalries:

“At this point is really not about Bybit or any entity; it’s about our general approach toward hackers as an industry.”

Industry lessons from Bybit hack

The $1.4 billion Bybit hack altered how cryptocurrency exchanges handle major security breaches.

Bybit’s immediate response – with CEO communications within 30 minutes and clear updates about fund safety – kept market panic limited.

Their ability to process $4 billion in withdrawals while missing $1.5 billion in funds proved the robustness of modern crypto infrastructure.

The hack exposed weaknesses in inter-exchange cooperation. While most platforms aided recovery efforts, eXch’s refusal to help block stolen funds showed how past industry conflicts can hurt collective security.

The incident pushed exchanges to review their cold wallet systems after attackers breached Bybit’s Ethereum multisig setup.

The focus on proof of reserves and 1:1 asset backing helped secure bridge loans and maintain user confidence, suggesting exchanges now need both technical and communication preparations for future incidents.