Overview

• Sleuth ZachXBT, working with Cyvers, reported that wallets tied to SBI Crypto were drained of roughly $21 million across BTC, ETH, LTC, DOGE, and BCH on September 24.
• The transfers moved through five instant exchanges before landing in Tornado Cash, a mixer previously sanctioned by the U.S. Treasury for its role in laundering stolen funds.
• Investigators say the routing, wallet fingerprints, and timing resemble Lazarus Group playbooks, though there is no law-enforcement attribution and no public confirmation from SBI Group.
• SBI Crypto, the mining arm of Japan’s SBI Group, has not issued a statement or detailed remediation steps, leaving recovery prospects uncertain once funds entered the mixer.
• The reported breach fits a broader trend of large DPRK-linked crypto thefts documented in 2024–2025, including major exchange incidents such as Bybit, according to blockchain forensics firms.