If you want to understand what happens to funds after they’re stolen by North Korea/Lazarus Group, the Chainalysis 2022 report is great Step 1: Swap any ERC20s (like stETH) into #ETH Step 2: Swap any #ETH into #BTC Step 3: Cash out #BTC to cash (Chinese Renminbi) using Asian exchanges This process can take years. They are in no hurry. In 2022, it was noted how North Korea was still sitting on $55 worth of funds from hacks that happened six years earlier (2016). In the meantime, #Bybit will have to shore up ~$1.5b worth of #ETH They’re doing that now by loans But the reason to go the loan route was likely because there was a chance to retrieve the funds. Then it’s easier to use the confiscated ETH to pay back the loan than going out and market blasting $1.5bn worth of ETH and ending up with double the money if you get it back. But seeing as this is confirmed to be the Lazarus Group, there’s very little chance that those funds will ever be returned. So #Bybit will have to buy the ETH to pay back their loan (or pay back the USD amount owed, which would then constitute an OTC buy), and there’s really not much sense in waiting that long to do this. So net net, #Bybit will be buying ETH and Lazarus will be dumping #ETH for #BTC Net effect on ETH should ~cancel itself out. #BTC will catch a bid from Lazarus and over the years turn into sell pressure, but that can take long. Link to #Chainalysis report: https://go.chainalysis.com/rs/503-FAP-074/images/Crypto-Crime-Report-2022.pdf Start at page 132, but the whole report overall is a worthwhile read. Oh yeah, and I totally missed Step 4. Step 4: Use the proceeds to fund North Korea’s nuclear and ballistic missiles program (real, unfortunately). Original Text: https://x.com/ercwl/status/1893052861980061858