THORChain Faces Criticism and Revenue Surge Amid $1.4 Billion Bybit Hack

The decentralized cross-chain asset swap protocol THORChain is making headlines for two reasons. First, it has generated more than $5 million in revenue after its asset swap volume reached record highs. However, this surge in revenue is tied to its controversial role in facilitating the laundering of funds stolen in the $1.4 billion Bybit hack.

On February 21, Bybit, one of the largest centralized crypto exchanges, was hacked for over $1.4 billion—marking the largest crypto hack in history. The notorious North Korean-affiliated Lazarus Group has been identified as the main culprit behind the exploit. The group has been using THORChain to launder significant portions of the stolen funds, raising ethical and legal concerns for the decentralized protocol.

In the aftermath of the hack, THORChain saw a massive surge in its swap volume, processing over $5.4 billion in total. This resulted in an approximate $5.5 million in revenue, according to data from the THORChain explorer. On February 27, following the Bybit exploit, THORChain experienced its largest daily swap volume, surpassing $1 billion and generating more than $554,000 in total income.

This rise in revenue, however, has been overshadowed by controversy, as the Lazarus Group continues to use THORChain as a conduit for laundering stolen assets.

The Lazarus Group and THORChain: A Controversial Connection

The Lazarus Group, a hacker collective linked to the North Korean regime, has been under scrutiny for its involvement in high-profile cybercrimes, including the Bybit hack. Blockchain security firms have identified the group as the primary suspect behind the $1.4 billion hack. Following the exploit, the Lazarus Group used THORChain to transfer a significant portion of the stolen funds, leveraging its cross-chain asset swap capabilities to obfuscate the trail.

While THORChain has gained attention for processing these transactions, its lack of KYC (Know Your Customer) and anti-money laundering mechanisms has drawn criticism. According to crypto commentators and industry analysts, THORChain’s decentralized nature and lack of a “kill switch” allowed illicit funds to flow freely, raising questions about whether the protocol could have done more to prevent it.

As the controversy surrounding THORChain’s involvement in facilitating the laundering of stolen funds mounted, the protocol’s core developer, known only by the alias Pluto, resigned on February 27. In a post on X (formerly Twitter), Pluto announced that they would no longer contribute to the protocol, citing dissatisfaction with a vote to unblock North Korean hacker-linked illicit funds.

This resignation highlights the internal tensions within THORChain as its role in facilitating illicit transactions remains under intense scrutiny.

Criticism: The Lack of Action Against Illicit Funds

Crypto commentators and industry experts have sharply criticized THORChain for its lack of proactive measures to prevent the laundering of stolen assets. Yogi, a well-known crypto commentator, took to social media to highlight the fact that THORChain’s lack of KYC requirements and failure to implement robust monitoring tools allowed the Lazarus Group to launder over $600 million through the protocol.

Other decentralized protocols have been able to block suspicious wallets or transactions without sacrificing decentralization, Yogi pointed out. Blockchain analytics firm Elliptic flagged 11,084 wallet addresses that are suspected of being linked to the Bybit exploit, and this number is expected to grow as investigations continue.

Bybit CEO Ben Zhou confirmed on March 4 that approximately $280 million of the stolen funds had gone “dark”, meaning that the funds were laundered and have become untraceable. This serves as a reminder of how sophisticated cybercriminals can use decentralized platforms like THORChain to move illicit funds and evade law enforcement detection.

The Path Forward for THORChain

As THORChain continues to generate revenue and process billions in asset swaps, its reputation is at a crossroads. While its cross-chain swapping capabilities have gained significant traction, the protocol’s ability to effectively address illicit activities remains a major point of contention. The crypto community is now calling for stronger safeguards to prevent the misuse of decentralized platforms like THORChain in money laundering schemes.

For THORChain, the question is whether it will implement stronger measures to monitor transactions and prevent criminal activity, or if it will continue to prioritize its decentralized ethos, even if it means being used by bad actors. How the protocol navigates these issues will likely determine its future in the rapidly evolving crypto landscape.

THORChain’s role in the Bybit hack highlights the challenges faced by decentralized finance (DeFi) protocols in ensuring the integrity of their platforms while maintaining decentralization. As DeFi continues to grow, the need for comprehensive security measures and anti-money laundering practices will become increasingly important. The industry will need to find a balance between decentralization and responsibility to prevent decentralized protocols from becoming tools for illicit activities.

As for THORChain, its future may depend on how it handles this controversy and whether it can implement the necessary safeguards to prevent misuse without compromising its core decentralized principles. The pressure is mounting for the protocol to take action to protect its reputation and the broader DeFi ecosystem.