German Authorities Seize $37.4M in Assets from Shuttered Crypto Exchange eXch

German prosecutors confiscate servers and digital assets from platform accused of laundering proceeds from major crypto hacks.

4 Total views

German authorities have seized servers and cryptocurrency valued at $37.4 million (€34 million) from eXch, a crypto exchange that prosecutors say operated without proper licenses and facilitated money laundering for North Korean threat actors linked to the Bybit hack in February.

Germany‘s Federal Criminal Police Office, the Bundeskriminalamt (BKA) issued a statement on Friday alleging the platform processed transactions without implementing proper anti-money laundering controls, making it an attractive option for criminals seeking to obscure stolen funds.

"Crypto swapping is an essential component of the underground economy, used to conceal incriminated funds from illegal activities," Dr. Benjamin Krause, chief public prosecutor at the German Central Office for Combating Cybercrime (ZIT), said in a translation of the statement.

Those activities include "hacking or trading in stolen payment card data," and makes them "available to perpetrators," Krause explained.

The confiscated items include crypto holdings, server hardware, and other types of digital infrastructure. The defunct exchange‘s services were "accessible on both the clearnet and the darknet," and were advertised on "platforms of the criminal underground economy," authorities noted.

These developments come as Germany is slated to participate in the G7 summit, where North Korea‘s crypto hacks would reportedly be discussed.

The exchange announced its closure last month after connections to multiple crypto thefts were revealed. However, blockchain analytics firm TRM Labs claimed it continued to operate.

Lazarus links

The now-defunct crypto exchange was used "to launder hundreds of millions from the Bybit hack, Multisig hack, FixedFloat exploit, $243M Genesis Creditor theft," pseudonymous blockchain investigator ZachXBT reported in Investigations, their Telegram channel.

eXch was also involved in "countless phishing drainer services over the past few years with refusal to block addresses and freeze orders," ZachXBT claimed.

In February, eXch faced mounting scrutiny after blockchain analytics firm Elliptic linked it to North Korea‘s notorious Lazarus Group and their involvement in the Bybit hack that resulted in over $1.4 billion in stolen funds.

Elliptic and others, including ZachXBT, alleged eXch of processing "tens of millions of dollars" in stolen assets from the hack despite Bybit‘s requests to block it.

A purported email response from eXch, archived on X and cited by Elliptic, claims the exchange chose not to acknowledge Bybit‘s requests.

At the time, eXch acknowledged in a statement to Decrypt that it did receive a request from Bybit to blacklist some addresses, though those were "a minor part of the total amount," eXch CEO Johann Roberts told Decrypt at the time.

Decrypt has reached out to eXch for comment on the German authorities‘ actions and will update this article should we receive a response.

Your Email

#Law and Order