Key Takeaways:
- Hacker behind the Coinbase data breach used THORChain to swap $42.5M from BTC to ETH, then taunted ZachXBT on-chain.
- Subsequent swaps moved over 17,000 ETH into $45M DAI, raising alarms about THORChain’s role in laundering.
- Coinbase faces up to $400M in potential losses and lawsuits amid criticism of its security response.
The hacker behind the December 2024 Coinbase data breach has resurfaced, mocking blockchain investigator ZachXBT with an on-chain message reading “L bozo” and linking to a meme video.
The taunt came after the attacker used THORChain to swap $42.5 million from Bitcoin to Ether.
BREAKING🚨 COINBASE HACKER WHO STOLE $300M TAUNTS ZACHXBT WITH ONCHAIN MESSAGE AFTER CONVERTING $42.5M $BTC TO $ETH VIA THORCHAIN
The hacker then swapped 8,698 $ETH for $22.12M $DAI
— CryptoSavingExpert ® (@CryptoSavingExp) May 22, 2025
ZachXBT identified the wallet and flagged it on his Telegram channel.
The following day, analysts reported further movement: 8,697 ETH was converted to 22 million DAI, and a linked wallet swapped 9,081 ETH for 23 million DAI.
The Coinbase breach affected over 69,000 users, exposing names and home addresses.
After the breach was discovered on May 11, the hackers demanded a $20 million ransom, which Coinbase refused, offering a $20 million bounty instead.
The incident may cost Coinbase between $180 million and $400 million, and has triggered at least six lawsuits over security failures.
The hacker’s use of THORChain has reignited concerns about its role in laundering funds.
The platform previously faced scrutiny during the $1.4 billion Bybit hack linked to North Korea’s Lazarus Group.
A THORChain developer, “Pluto,” resigned after an internal vote to block such transactions was overturned.