The hacker behind Bybit’s record-breaking $1.4 billion crypto heist has successfully laundered 100% of the stolen funds in just ten days, sparking concerns over security vulnerabilities in the DeFi space. However, blockchain experts believe that a small fraction of the stolen assets may still be recovered.

The attack, which took place on Feb. 21, targeted liquid-staked Ether, Mantle Staked ETH (mETH), and other ERC-20 tokens, making it the largest crypto theft in history. According to blockchain security firm Lookonchain, the hacker moved the stolen 500,000 Ether (ETH), now worth approximately $1.04 billion, primarily through THORChain, a decentralized cross-chain protocol designed for anonymous transactions.

Despite being identified by multiple blockchain analytics firms, including Arkham Intelligence, North Korea’s Lazarus Group is suspected of orchestrating the attack and laundering the funds. The exploit comes amid rising concerns over North Korean cybercrime, with South Korean authorities recently sanctioning 15 individuals for using crypto hacks to fund the country’s nuclear weapons program.

While the hacker has managed to obfuscate the majority of the funds, blockchain security experts remain hopeful that a small percentage can still be tracked and frozen. Cyvers CEO Deddy Lavid noted that despite cross-chain swaps and mixers complicating the process, cybersecurity firms utilizing AI-driven models and on-chain intelligence may have a chance at recovering some funds.

Bybit CEO Ben Zhou revealed that 77% of the stolen funds were initially traceable, but over $280 million has now “gone dark.” Meanwhile, Bybit has fully replaced the lost funds and continues to operate without disruptions.

As crypto security firms develop new countermeasures, emerging solutions like offchain transaction validation could prevent the vast majority of future hacks by simulating and preemptively validating blockchain transactions before they occur.