Michaela
Blockchain investigator ZachXBT has accused Garden Finance, a Bitcoin-native decentralized finance (DeFi) protocol, of laundering crypto tied to Lazarus Group hacks like Bybit.
ZachXBT claimed in a recent post on X that more than 80% of Garden Finance’s revenue comes from laundering funds allegedly linked to North Korea’s Lazarus Group. The accusation directly counters a post by Garden Finance co-founder Jaz Gulati, who spotlighted the protocol’s growth, citing 38.86 Bitcoin (BTC) in total fees and $300,000 earned in the 12 days leading up to June 2.
“You conveniently left out >80% of your fees came from Chinese launderers moving Lazarus Group funds from the Bybit hack,” ZachXBT wrote. “Who are you building for again?” the on-chain investigator added, referencing Garden Finance’s self-description as “the fastest Bitcoin bridge.”
Gulati responded to ZachXBT’s allegations by noting that 30 BTC in fees were generated prior to the Bybit hack. However, the blockchain investigator expanded on his claims, alleging that Garden Finance was also used in connection with additional hacks attributed to the North Korea-linked Lazarus Group, including the incident involving WazirX.
“Imagine founding a fake decentralized bridge and not being able to read the blockchain to analyze such flows,” ZachXBT wrote. Gulati responded to the on-chain investigator, claiming that he was spreading misinformation.
In response, ZachXBT questioned the decentralized nature of Garden Finance’s bridge, calling on Gulati to clarify its structure. He claimed to have observed, over several days, a single entity repeatedly supplying cbBTC liquidity from Coinbase, an activity he says enabled Chinese-based actors to continue transferring funds tied to the Bybit hack. Gulati did not provide a response to ZachXBT’s request for further clarification.
In early 2025, Bybit, a major cryptocurrency exchange, suffered a significant security breach allegedly carried out by the Lazarus Group. The hackers exploited vulnerabilities in the platform to steal a substantial amount of cryptocurrency from user accounts.
Following the theft, the stolen assets were laundered through various decentralized finance protocols and cross-chain bridges to obscure their origin.
Authorities and blockchain investigators have since been working to trace these illicit funds and recover them, emphasizing ongoing concerns about the role of sophisticated hacking groups in targeting crypto platforms.
Read More
- Bybit Tracks $1B+ in Stolen Crypto From Lazarus Group Hack
- North Korea’s Lazarus Group Expands Crypto Holdings After Bybit Hack
- Lazarus Group Blunder Reveals Crypto Hackers’ Hidden Trail
Michaela has no crypto positions and does not hold any crypto assets. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Magazine and The Shib Daily are the official media and publications of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.
