Crypto Exchange eXch Shuts Down Amid Allegations of Bybit Hack Involvement and Lazarus Group Ties

Crypto exchange eXch, a bastion for those valuing privacy with its no-KYC (Know Your Customer) policy, has announced it will cease operations on May 1, 2023. This drastic step comes in the wake of allegations linking eXch to the $400 million Bybit hack in February 2025 and its purported role in facilitating money laundering for North Korea’s Lazarus Group.

• eXch to shut down on May 1, 2023
• Alleged involvement in $400 million Bybit hack
• Linked to North Korea’s Lazarus Group
• Transatlantic operation targeting eXch
• DOJ whistleblower influenced shutdown decision

The Bybit Hack and Lazarus Group

The Bybit hack, executed on February 26, 2025, saw hackers pilfering $400 million in cryptocurrency. The FBI officially connected this heist to North Korea’s Lazarus Group, notorious for its cyber-enabled financial crimes. eXch is accused of processing a minor part of the stolen Ethereum, approximately 90,000 ETH out of the total 401,346 ETH. The significance of this hack lies not just in its scale but in its role within North Korea’s broader strategy of funding its regime through cyber theft.

eXch’s Response to Allegations

eXch’s CEO, Johann Roberts, didn’t mince words: “Such a situation reflects not only our challenges, but also broader issues within the industry, particularly the elitist policies of certain companies like Elliptic.” He’s not just throwing shade; he’s highlighting systemic flaws in the AML (Anti-Money Laundering) practices of other exchanges, which eXch considers “nonsensical” and easily bypassed.

Initially, eXch denied any involvement, stating,

“We are not laundering money for Lazarus/DPRK.”

Yet, they later acknowledged processing a small portion of the stolen Ethereum, defending their refusal to cooperate with Bybit due to past attacks on their reputation.

Regulatory Scrutiny and Privacy in Crypto

The closure of eXch marks a pivotal moment in the ongoing tussle between privacy-focused cryptocurrency exchanges and the increasing regulatory scrutiny they face. eXch, a haven for those seeking to transact without KYC requirements, finds itself in the crosshairs of international law enforcement and geopolitical tensions.

The crypto industry is at a crossroads between privacy and compliance. While eXch’s no-KYC policy has attracted privacy advocates, it’s also a magnet for regulatory crackdowns. The question remains: can the industry balance these competing interests, or will privacy-focused exchanges like eXch continue to bite the dust?

North Korea’s Evolving Tactics

North Korea’s “flood the zone” technique, as described by Nick Carlsen from TRM Labs, involves overwhelming systems with rapid transactions to hide illicit funds. This method, combined with the shift from traditional mixers to more complex laundering strategies using multiple intermediary wallets, decentralized exchanges, and cross-chain bridges (tools that allow the transfer of assets between different blockchain networks), showcases their adaptation to increased scrutiny on mixing services.

eXch mentioned being targeted by SIGINT (Signals Intelligence), indicating surveillance or interception of communications due to these allegations. This highlights the international effort to track and combat North Korea’s cyber-enabled financial crimes.

Future Implications for Privacy-Focused Exchanges

Despite the shutdown, eXch plans to continue providing API access to partners until May 1, after which a new management team will take over to assess future operations. This move suggests a potential continuity or transformation of the exchange, a beacon of hope for those who value privacy in the crypto ecosystem.

The closure of eXch underscores the tension between privacy in cryptocurrency transactions and the need to combat money laundering and terrorism financing. It also highlights the challenges privacy-focused exchanges face under increasing regulatory pressure, suggesting a potential shift towards more stringent AML practices across the industry.

As the crypto community grapples with these developments, the balance between privacy and security remains a contentious issue. eXch’s closure may be a cautionary tale for other privacy-focused exchanges, but it also raises questions about the future of decentralized finance and the role of regulation in shaping the industry.

Key Takeaways and Questions

• What led to eXch’s decision to shut down?

  eXch’s decision to shut down was influenced by allegations of involvement in the Bybit hack, an ongoing transatlantic operation targeting its infrastructure, and information from a DOJ whistleblower.

• How did eXch respond to the allegations of money laundering?

  eXch initially denied the allegations, claiming outdated data from its AML provider was responsible. Later, they acknowledged processing a minor part of the stolen Ethereum but argued their refusal to cooperate with Bybit was due to past attacks on their reputation.

• What are the broader implications for the cryptocurrency industry?

  The closure of eXch highlights the challenges privacy-focused exchanges face under increasing regulatory scrutiny. It also underscores the need for effective AML practices and the potential for geopolitical tensions to impact the industry.

• What is the role of SIGINT in this context?

  SIGINT, or Signals Intelligence, is used by intelligence agencies to gather information. eXch mentioned being targeted by SIGINT, indicating surveillance or interception of communications due to the allegations against them.

• What future steps did eXch outline?

  eXch will continue to provide API access to partners until May 1, 2023, after which a new management team will determine future operations.