SBI Crypto Suffers $21M Hack With North Korean Lazarus Group Ties - BTC ETH LTC DOGE BCH Stolen

SBI Crypto, a subsidiary of Japan's financial giant SBI Group, experienced suspicious outflows totaling approximately $21 million on September 24, 2025, as reported by blockchain investigator ZachXBT. The security breach involved multiple cryptocurrencies including Bitcoin (BTC), Ethereum (ETH), Litecoin (LTC), Dogecoin (DOGE), and Bitcoin Cash (BCH). Following the theft, the stolen assets were rapidly transferred through five instant exchanges before being deposited into Tornado Cash, the cryptocurrency mixing service previously sanctioned by the U.S. Treasury Department. In his Telegram analysis, ZachXBT identified several indicators matching tactics previously used in North Korean state-sponsored cyberattacks, suggesting potential involvement of DPRK-linked hacking groups. SBI Crypto operates as a mining pool under SBI Group, a publicly traded Japanese financial conglomerate with substantial exposure to both traditional finance and digital assets. At the time of reporting, SBI Group had not publicly acknowledged the security incident or provided an official statement, nor had they responded to CoinDesk's requests for comment. North Korean hacking collectives, particularly the notorious Lazarus Group, have been responsible for billions in stolen cryptocurrency assets in recent years, frequently utilizing decentralized mixers like Tornado Cash despite increasing global regulatory scrutiny and enforcement actions.