Michaela
Blockchain investigator ZachXBT has accused Garden Finance, a Bitcoin-native decentralized finance (DeFi) protocol, of laundering crypto tied to Lazarus Group hacks like Bybit.
ZachXBT claimed in a recent post on X that more than 80% of Garden Finance’s revenue comes from laundering funds allegedly linked to North Korea’s Lazarus Group. The accusation directly counters a post by Garden Finance co-founder Jaz Gulati, who spotlighted the protocol’s growth, citing 38.86 Bitcoin (BTC) in total fees and $300,000 earned in the 12 days leading up to June 2.
“You conveniently left out >80% of your fees came from Chinese launderers moving Lazarus Group funds from the Bybit hack,” ZachXBT wrote. “Who are you building for again?” the on-chain investigator added, referencing Garden Finance’s self-description as “the fastest Bitcoin bridge.”
Gulati responded to ZachXBT’s allegations by noting that 30 BTC in fees were generated prior to the Bybit hack. However, the blockchain investigator expanded on his claims, alleging that Garden Finance was also used in connection with additional hacks attributed to the North Korea-linked Lazarus Group, including the incident involving WazirX.
Related: Strategy Sells $1.4B in Stock to Cover Bills Amid Bitcoin Slump
“Imagine founding a fake decentralized bridge and not being able to read the blockchain to analyze such flows,” ZachXBT wrote. Gulati responded to the on-chain investigator, claiming that he was spreading misinformation.
In response, ZachXBT questioned the decentralized nature of Garden Finance’s bridge, calling on Gulati to clarify its structure. He claimed to have observed, over several days, a single entity repeatedly supplying cbBTC liquidity from Coinbase, an activity he says enabled Chinese-based actors to continue transferring funds tied to the Bybit hack. Gulati did not provide a response to ZachXBT’s request for further clarification.
Related: The History of Altcoins: How Bitcoin’s Rivals Changed the Crypto Game
In early 2025, Bybit, a major cryptocurrency exchange, suffered a significant security breach allegedly carried out by the Lazarus Group. The hackers exploited vulnerabilities in the platform to steal a substantial amount of cryptocurrency from user accounts.
Following the theft, the stolen assets were laundered through various decentralized finance protocols and cross-chain bridges to obscure their origin.
Authorities and blockchain investigators have since been working to trace these illicit funds and recover them, emphasizing ongoing concerns about the role of sophisticated hacking groups in targeting crypto platforms.
Read More
- Bybit Tracks $1B+ in Stolen Crypto From Lazarus Group Hack
- North Korea’s Lazarus Group Expands Crypto Holdings After Bybit Hack
- Lazarus Group Blunder Reveals Crypto Hackers’ Hidden Trail
MICHAELA
Michaela is a news writer focused on cryptocurrency and blockchain topics. She prioritizes rigorous research and accuracy to uncover interesting angles and ensure engaging reporting. A lifelong book lover, she applies her passion for reading to deeply explore the constantly evolving crypto world.
