Japanese crypto mining pool operator SBI Crypto, a subsidiary of financial giant SBI Group, has become the latest target of a high-value hacking incident.
Blockchain investigators have confirmed that the company lost around $21 million in digital assets following a breach on September 24, 2025.
The theft, first flagged by independent blockchain analyst ZachXBT, involved suspicious outflows from multiple wallets connected to SBI. On-chain data shows that these wallets were systematically drained in a series of coordinated transactions.
What Was Stolen and How
The compromised wallets contained a mix of Bitcoin, Ethereum, Litecoin, Dogecoin, and Bitcoin Cash. Once stolen, the assets were quickly moved through five instant exchanges, a tactic designed to fragment and obscure the money trail.
Afterward, the funds were funneled into Tornado Cash, a well-known crypto mixer. Notably, investigators say this step mirrors the playbook used in past cyberattacks attributed to North Korean groups.
Lazarus Group Suspected
In a Telegram post, analyst ZachXBT pointed out that the digital fingerprints of the SBI hack closely match those used by the Lazarus Group, a North Korean state-sponsored cyber unit.
The group has become notorious in recent years for large-scale thefts from the global crypto industry, using the stolen funds to evade international sanctions and finance state operations. However, SBI Crypto has yet to issue a public statement.
Tornado Cash in Spotlight Again
Meanwhile, the use of Tornado Cash has reignited debate about the platform’s role in enabling cybercrime. The U.S. Treasury sanctioned the service in 2022, citing its central role in laundering billions of dollars linked to North Korean hackers.
In 2025, however, a U.S. court lifted restrictions, allowing the mixer to resume operations. This decision has drawn criticism from security experts. According to them, it has once again made it easier for hostile actors to exploit the platform.
Growing List of Crypto Heists
The SBI Crypto case is not an isolated incident. In fact, North Korean hackers have intensified their campaigns against the digital asset industry, targeting exchanges, wallet providers, and crypto banks.
For instance, in 2024, blockchain forensic firms reported 47 incidents that resulted in losses exceeding $1.3 billion. Moreover, the trend accelerated in 2025, with hackers stealing an estimated $2.2 billion in the first half of the year.
Among the most damaging attacks this year was the $1.4 billion breach of Bybit, a major crypto exchange. The year was further marked by the theft of nearly $50 million from crypto neobank Infini.