In a story that sounds like it came straight from a crypto thriller, SBI Crypto, the digital arm of Japan’s financial giant SBI Group, just got cleaned out to the tune of $21 million.
The culprits? A crafty gang of hackers suspected to be linked to North Korea’s infamous Lazarus Group.
Their target? SBI Crypto’s mining pool, where digital gold like Bitcoin, Dogecoin, Litecoin, Ethereum, and Bitcoin Cash were quietly siphoned off.
Stay ahead in the crypto world – follow us on X for the latest updates, insights, and trends!🚀
Laundering schemes
Blockchain detective extraordinaire ZachXBT sniffed out the illicit flow. On September 24th, he spotted suspicious outflows from SBI Crypto’s wallets, sending the loot darting through five fast exchanges before vanishing into Tornado Cash, an anonymizing service that’s been slapped with U.S. sanctions for turning laundering schemes into an art form. ZachXBT’s Telegram announcement read like a crime novel.
“Several indicators match previous DPRK, North Korean attacks, making this all too familiar for anyone tracking cybercrime in crypto.”
SBI Holdings isn’t some crypto newbie either. Japan’s largest traditional finance powerhouse has been deepening its crypto roots, rolling out Bitcoin ETFs and tokenized stocks for eager customers dipping their toes into the blockchain waters.
But more exposure also means more risk, and evidently, a juicy target for hackers who love breaking into mining pools.
These pools act like giant mixers, pooling mining power and funds, which unfortunately means more holes for digital bandits to exploit.
State-backed cybercrime
The stolen funds didn’t just disappear into the ether. After hopping across exchanges at lightning speed, they were cloaked in Tornado Cash’s digital fog.
This tale repeats itself with scary predictability, stolen crypto moves through mixers, leaving victims out of options to recover their losses.
North Korea’s Lazarus Group has a knack for these high-stakes heists, reportedly pulling off digital robberies worth billions.
ZachXBT’s analysis pinpoints eerie similarities between SBI’s hack and earlier Lazarus attacks, painting a chilling picture of state-backed cybercrime ramping up in the crypto shadows.
Billions on the line
Mining pools like SBI’s are convenient and powerful, but they’re also ticking time bombs for security breaches, juggling vast amounts of crypto from various sources.
As mining and blockchain tech grow more sophisticated, so too do the predators lurking in the networks. It’s a cat-and-mouse game with billions on the line.
SBI Group hasn’t officially confirmed the hack yet, but this cyber heist screams a warning, even big players with heavy wallets aren’t safe in crypto’s playground.
As attacks on mining pools, exchanges, and bridges rise, the industry’s security headaches keep multiplying along with the digital fortunes at stake.
Disclosure:This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.
Kriptoworld.com accepts no liability for any errors in the articles or for any financial loss resulting from incorrect information.
Cryptocurrency and Web3 expert, founder of Kriptoworld
LinkedIn | X (Twitter) | More articles
With years of experience covering the blockchain space, András delivers insightful reporting on DeFi, tokenization, altcoins, and crypto regulations shaping the digital economy.
📅 Published: October 3, 2025 • 🕓 Last updated: October 3, 2025
✉️ Contact: [email protected]
