Recommended

#BTCCOGWEEK: Celebrate the Classics of Meme Coins
Crypto Deposit Make instant crypto transfers to your futures account
USDT-M Perpetual Futures Trade futures contracts settled in USDT
VIP Fee Discounts Enjoy different fee discounts based on your VIP level
Coin-M Perpetual Futures Trade futures contracts settled in cryptocurrency
Fiat Deposit Buy your favourite coins in seconds
Affiliates Invite friends & get rewarded
Convert Covert your crypto instantly
Support Centre Find our FAQs here
Announcements Find all our official announcements
BTCC Academy Learn about blockchain and crypto
News The latest trends in the crypto market

Promotions

Referral
Campaigns
Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
Register
BTCC / BTCC Square / ZycryptoEN /
EXPOSED: Garden Finance’s Bridge Service Allegedly Helped North Korean Hackers Launder Stolen Bybit Funds – ZachXBT Blows the Whistle

EXPOSED: Garden Finance’s Bridge Service Allegedly Helped North Korean Hackers Launder Stolen Bybit Funds – ZachXBT Blows the Whistle

Author:
ZycryptoEN
Published:
2025-06-22 16:55:09
8
1

Crypto detective ZachXBT drops a bombshell accusation: Garden Finance's cross-chain bridge may have become a laundromat for North Korea's Lazarus Group.

How a DeFi 'utility' turned into a hacker's playground

The bridging service – designed to move assets between blockchains – allegedly processed funds stolen in Bybit's 2023 hack. Perfect cover: legitimate infrastructure masking illicit flows while collecting fees. DeFi's dirty little secret? Compliance is still optional when profits are involved.

The ultimate irony

While Garden Finance marketed itself as 'building bridges for Web3,' investigators claim it accidentally built an exit ramp for stolen crypto. Another reminder that in crypto, 'trustless' systems still require someone to watch the watchers.

Closing thought: Nothing launders money quite like decentralized finance – except maybe a Swiss bank with lower yields and better PR.

Euler Finance $197 Million Hack Bears Links With North Korea But It Could All Be One Big Misdirection

Garden Finance, a Bitcoin bridging service, has been accused of assisting hackers to launder money. ZachXBT, a crypto analyst, said that over 80% of Garden Finance’s fees were sourced from laundered money. Garden Finance had around $300,000 in fees. ZachXBT is convinced that Garden Finance is somehow involved in shady transactions and that he can prove it by conducting blockchain analysis. ZachXBT believes there is a link between the Bybit hack of $1.4 billion and the Garden Finance platform. The contention exists over whether 30 BTC was used to enable money laundering. Garden Finance has replied that the 30 BTC was used before the Bybit hack occurred. The debate between Garden Finance and ZachXBT is ongoing.

The Bybit hack occurred on February 21, 2025, involving an exploit of a cold wallet, resulting in the loss of $1.4 billion in Ethereum. The attacker compromised a SAFE wallet used by a Bybit developer and exploited the wallet five days after the initial compromise. ZachXBT, amongst other blockchain analysts, traced the stolen funds to DeFi addresses used by North Korea’s Lazarus Group. However, when confronted with the latest accusations, Garden Finance co-founder Jaz Gulati said ZachXBT was basing his analysis on misinformation. ZachXBT asked why money launderers were topping up Garden Finance’s liquidity from Coinbase while moving compromised Bybit funds. The debate continued, with other developers stepping in to give their opinions about the recent controversy.

Jaz Gulati, co-founder of Garden Finance, defended his platform against the allegations. He pointed out that the 30 BTC of fees were collected before the Bybit attack, refuting the claim that they had somehow been involved. ZachXBT continued his analysis by claiming other links between Bybit and the WazirX hack, which was linked to the Lazarus Group. ZachXBT surmised that the problem was exacerbated by the fact that Garden Finance was not analysing its blockchain data to prevent a single actor from controlling the network. ZachXBT essentially said the network was compromised due to a lack of decentralized structures within the ecosystem. The arguments against the Garden Bridge may be valid drawbacks to the bitcoin bridge system, which nefarious groups could hijack to launder money. However, these vulnerabilities may be inherent to the bridging infrastructure rather than the intent of Garden Finance developers. 

James Scaur, a supporter of Garden Finance, jumped into the debate to support Gulati and to possibly provide a valid reason for the blockchain links. Scaur suggested that the Pareto distribution could provide a valid reason for the unequal distribution of liquidity providers, indicating that only a small number of liquidity nodes give the majority of liquidity for a service. Scaur suggested an alternative reason for the blockchain links that ZachXBT uncovered, pointing out that at any given time, there may be only a few liquidity providers present. Scaur further argued that it is a difficult task to block hackers from using swap services and does not necessarily imply complicity on the part of Garden Finance. However, ZachXBT was not convinced by Scaur’s argument, responding that Garden Finance lacked decentralisation because a single node provided the majority of liquidity for weeks after Garden Finance changed the threshold for large swaps to 10 cbBTC. ZachXBT also pointed out that Garden Finance had minimal activity apart from Bybit transactions, making the platform easy to analyse and spot illicit transactions. 

Decentralisation loopholes and compliance issues have plagued the blockchain industry lately, with various problems that could disrupt the integrity of blockchains across the globe. Garden Finance prides itself on being a decentralized, trustless bridge service. However, ZachXBT has accused the service of having a single point of failure, which North Korean hackers are exploiting. Jaz Gulati, co-founder of Garden Finance, has not been impressed by ZachXBT’s accusations and has tried to defend his service from being linked with the Bybit hack. However, if a single liquidity provider can dominate the bridging service, the service may function as a private exchange for nefarious activities. Lazarus Group uses various DeFi and mixer services to launder their hacked proceeds. Whether Garden Finance was complicit in helping North Korean hackers or whether they were duped into supporting illicit activities is yet to be established. Traders, however, may be interested in the validity of these bridging services to ascertain whether their funds are truly being swapped with a trustless infrastructure.

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GEI IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service
Social Media

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2025 BTCC.com. All rights reserved