On September 24, 2025 addresses linked to SBI Crypto saw ~$21M in suspicious outflows
Contents
On September 24, 2025 addresses linked to SBI Crypto saw ~$21M in suspicious outflows on Bitcoin, Ethereum, Litecoin, Doge, & Bitcoin Cash.
The stolen funds were transferred to five instant exchanges and deposited to Tornado Cash. Interestingly several indicators share similiarities to other known DPRK attacks.
SBI Crypto is a mining pool that's a subsidiary of SBI Group, a publicly traded company in Japan.
As of now it does not appear they have publicly disclosed the incident.
Theft addresses:
0x40d76a78ddba2ea81fb0f9fba147a08bcfc2b866
bc1qx0a2kfjd7eweczv8xqjm6rggm40v0nkhfss78l
qpv9nh5ktagsmtkqle8z2w4dd3mksskpmy499z7c9k
ltc1qjyrn9p803efj3p8a0g3fmlevs45kq704ns363t
DRiEQuJ9pt3GgNraQmHVTjNg4B7uv1XuGb
The stolen funds were transferred to five instant exchanges and deposited to Tornado Cash. Interestingly several indicators share similiarities to other known DPRK attacks.
SBI Crypto is a mining pool that's a subsidiary of SBI Group, a publicly traded company in Japan.
As of now it does not appear they have publicly disclosed the incident.
Theft addresses:
0x40d76a78ddba2ea81fb0f9fba147a08bcfc2b866
bc1qx0a2kfjd7eweczv8xqjm6rggm40v0nkhfss78l
qpv9nh5ktagsmtkqle8z2w4dd3mksskpmy499z7c9k
ltc1qjyrn9p803efj3p8a0g3fmlevs45kq704ns363t
DRiEQuJ9pt3GgNraQmHVTjNg4B7uv1XuGb