German authorities have seized roughly $38 million worth of cryptocurrency in connection with one of the biggest crypto heists ever recorded—the February 2025 hack of the Bybit exchange, which saw about $1.5 billion in ether (ETH) drained in a matter of hours.
The massive crypto seizure, announced on May 9, was the result of a joint investigation by the Federal Criminal Police Office (BKA) and the Frankfurt Public Prosecutor’s Office. Officials say the seized funds were traced to eXch, an unlicensed crypto swapping platform allegedly used by hackers to launder stolen assets.
Authorities say they also confiscated eight terabytes of data from eXch’s servers and have officially shut the platform down. The move marks the third-largest crypto seizure in German history and sends a strong message: Europe’s financial regulators are stepping up efforts to dismantle the crypto money laundering infrastructure that often enables cybercrime.
A Closer Look at the eXch Platform
The eXch platform wasn’t a household name like Binance or Coinbase — but among hackers, scammers, and darknet users, it was well known. Operating since 2014, eXch allowed users to swap between a variety of cryptocurrencies with minimal oversight, no KYC (Know Your Customer) checks, and no AML (Anti-Money Laundering) safeguards.
That made it a haven for money laundering. According to German investigators, eXch processed more than $1.9 billion worth of crypto transactions over the past decade, much of it believed to be tied to criminal activity.
In particular, officials say the hackers behind the Bybit exploit used eXch to obfuscate their trail. The stolen ETH was converted into Bitcoin (BTC), likely to make it harder for law enforcement to trace on-chain. The funds were then bridged across multiple blockchain networks to avoid detection.
The Bybit Hack: A Global Wake-Up Call
In February 2025, the crypto world was rocked by news that Bybit, one of the largest crypto exchanges by trading volume, had been hacked.
Roughly $1.5 billion in ETH vanished from the platform in what experts have called one of the most sophisticated coordinated exploits ever seen. Bybit said the hackers gained access through a vulnerability in its internal wallet infrastructure, though full details have yet to be disclosed.
Blockchain analysts, including pseudonymous crypto sleuth ZachXBT, quickly traced portions of the stolen ETH to addresses connected to Lazarus Group, the notorious North Korean state-backed hacking organization.
ZachXBT noted that after the hack, the attackers transferred 5,000 ETH to a newly created address, and from there began swapping it into BTC via Chainflip—a decentralized exchange—using eXch as an intermediary to obscure the source.
eXch’s Role in a Larger Laundering Network
eXch didn’t just help launder Bybit’s stolen funds. It was also allegedly used in several other major crypto thefts.
Investigators say the platform facilitated swaps for proceeds from:
- Multisig wallet exploits involving decentralized finance (DeFi) protocols
- The FixedFloat exchange hack, which resulted in millions of dollars in losses
- And even the $243 million exploit targeting Genesis creditors
In each case, hackers took advantage of eXch’s anonymous swap feature to move funds across chains and convert tokens into more liquid or harder-to-trace assets.
Crypto researchers claim eXch refused to blacklist known scam addresses, even when presented with evidence. This lack of compliance—combined with a high volume of suspicious transactions—drew the attention of law enforcement agencies across Europe.
German Prosecutors Take a Firm Stance
German authorities say the recent shutdown of the crypto swapping service eXch is a major step forward in tackling digital money laundering. Prosecutors claim the platform played a key role in turning illegal cryptocurrency into clean funds, helping criminals involved in activities like fraud, drug trafficking, and hacking.
Investigators point out that eXch operated in a regulatory grey area, taking advantage of weak rules and Know Your Customer (KYC) checks. The platform made it easy for users to swap large amounts of crypto with little traceability, making it attractive to criminals looking to hide the source of stolen money.
Officials also highlighted that the seizure is part of a larger global effort to fight illegal financial activities in the crypto world, with international law enforcement agencies working together to make it happen.
Shutdown and Denial
Despite mounting evidence, eXch publicly denied any wrongdoing. In a now-deleted blog post published in mid-April, the platform said it was the victim of “false accusations” and “media misinterpretations.”
Still, the platform announced it would shut down by May 1, citing increasing pressure from regulators and law enforcement. In their final statement, the operators said they had lost confidence in their ability to continue in an “environment of hostility and suspicion.”
They added that users had until the end of April to withdraw funds before the service would go offline permanently. Many in the crypto community saw this as an attempt to quietly exit before authorities seized assets or issued formal charges.
A Bigger Battle Against Crypto Laundering
The takedown of eXch is just the latest in a broader effort by governments to crack down on the abuse of decentralized financial platforms.
In recent years, regulators across Europe and the U.S. have ramped up enforcement against:
- Mixers like Tornado Cash, which help anonymize transactions
- Unregistered exchanges operating outside AML laws
- And bridging services used to move tokens between blockchains undetected
While these services often claim to promote privacy or financial freedom, officials argue they also create loopholes for criminals.
Germany’s BKA said it’s working closely with Europol and other agencies to trace funds beyond eXch and identify individuals connected to the Bybit hack.
Crypto’s Reputation at Stake
The rise in large-scale crypto hacks and money laundering cases has added pressure on legitimate crypto firms to tighten their compliance measures.
Exchanges are increasingly required to implement robust KYC/AML systems, report suspicious transactions, and cooperate with law enforcement. Failure to do so can result in regulatory penalties—or worse, loss of operating licenses.
The case also highlights growing concerns among policymakers that certain blockchain tools—like cross-chain bridges and anonymous swapping services—may be enabling state-sponsored cybercrime.
In the case of Bybit, investigators are still piecing together how exactly the hackers gained access to its wallet system. But the fact that stolen funds were laundered so easily has triggered new calls for stricter global standards in crypto.
What’s Next?
While the $38 million seizure is a significant win for law enforcement, it still represents only a fraction of the total funds stolen in the Bybit hack. The broader investigation remains ongoing, with more asset recoveries and arrests possible in the coming months.
Meanwhile, regulators are watching closely. The EU’s upcoming MiCA (Markets in Crypto-Assets) regulation, which takes full effect in 2025, will likely give European countries more tools to go after platforms like eXch.
For now, the message is clear: no platform is too small or obscure to escape scrutiny, especially when billions of dollars in stolen assets are at stake.
Toncoin 
USDS 
Coinbase Wrapped BTC 
Pepe 
Bittensor