Overview

• On Sept. 24, addresses tied to SBI Crypto saw roughly $21 million exit in BTC, ETH, LTC, DOGE and BCH, according to blockchain investigator ZachXBT.
• Investigators say the funds moved through five instant exchanges before being deposited into Tornado Cash, a mixer previously sanctioned by the U.S. Treasury.
• ZachXBT, working with security firm Cyvers, reported transaction indicators that resemble workflows used in prior North Korea–linked operations.
• SBI Group has not publicly acknowledged an incident or responded to media inquiries, and no law-enforcement attribution has been announced.
• The episode highlights ongoing state-linked crypto thefts that target infrastructure such as mining pools and then rapidly obscure flows through exchange hops and mixers.