A major financial firm in Japan, SBI Group, recently faced a significant security breach. Its crypto division, SBI Crypto, saw a digital wallet emptied of over $20 million. This theft included Bitcoin, Ethereum, Dogecoin, and other popular digital tokens.
The unusual movement of funds was first spotted by ZachXBT. He is a well-known independent blockchain researcher. On Wednesday, September 24, ZachXBT shared his findings on Telegram. He highlighted suspicious outflows from addresses linked to SBI Crypto.
Reports show that roughly $21 million left the SBI crypto wallet that day. The stolen money included Bitcoin, Ethereum, Litecoin, Dogecoin, and Bitcoin Cash. These assets did not stay put. They were first routed through various quick crypto exchanges. After that, they ended up in Tornado Cash, a service designed to hide where funds come from.
Sending money to Tornado Cash often points to North Korean hackers. ZachXBT noted that several signs matched methods used in North Korean state-sponsored cyberattacks. This raises serious questions about the Lazarus Group. This infamous cybercrime organization has ties to North Korea’s government. They are known for stealing billions in digital money.
SBI Crypto operates mainly as a Bitcoin mining pool. It is part of the larger SBI Group, a publicly traded financial giant. This group deals in both traditional and digital assets. Yet, SBI Crypto has not yet officially confirmed the hack. The company has also stayed quiet on the technical details of the breach.
This incident is part of a worrying trend. Attacks on crypto exchanges and platforms are increasing. North Korean groups often use these thefts to fund state activities. Tornado Cash itself has been under global scrutiny. The U.S. Treasury Department sanctioned it in 2022 for helping with money laundering. However, a recent court decision lifted these restrictions.
ZachXBT has played a key role in uncovering other large-scale thefts. He exposed an over $80 million attack on the Iranian exchange Nobitex in June. He also highlighted a Bybit hack by the Lazarus Group, totaling over $1.5 billion in February. These cases further stress the ongoing danger.
International authorities are watching mixer services like Tornado Cash more closely. Yet, the decentralized nature of these tools makes regulation difficult. Japan’s crypto sector is very strictly regulated. This incident could lead to even more pressure for stronger security measures. So far, the wider SBI Group has not reported any problems with its general operations.