Main Points:
- Lykke, a UK‑registered and Switzerland‑based crypto exchange, suffered a $23 million hack in June 2024.
- Attackers stole 158 BTC and 2,161 ETH; attribution primarily points to North Korea’s Lazarus Group, though evidence remains inconclusive.
- Funds were laundered through mixers and decentralized platforms, obscuring traceability.
- The hack led to the shutdown and liquidation of Lykke; founder declared bankrupt amid criminal probes.
- Highlights critical vulnerabilities in centralized exchanges, regulatory gaps, and rising state‑sponsored crypto threats (e.g., Bybit’s $1.4 billion hack).
- Emphasizes the urgent need for stronger security protocols: non‑custodial wallets, MPC, international regulatory cooperation.
1. Background: From Zero-Fee Startup to Catastrophic Collapse
In June 2024, Lykke—a cryptocurrency exchange registered in the UK and operating out of Switzerland’s Zug crypto hub—fell victim to a devastating cyberattack that resulted in the theft of approximately $23 million worth of digital assets, namely 158 BTC and 2,161 ETH. Founded in 2015 by Richard Olsen, Lykke attracted users by advertising zero transaction fees—a bold proposition that helped build its initial user base but may have come at the expense of robust security infrastructure.
Once the breach was detected, Lykke froze trading activities, and by December 2024 the platform officially suspended operations. In March 2025, a UK court initiated liquidation proceedings following claims from over 70 creditors who asserted collective losses amounting to £5.7 million. Interpath Advisory was appointed as curator to oversee asset distribution, and Swiss parent entities similarly entered liquidation. Meanwhile, Richard Olsen filed for bankruptcy in January 2025 and became the subject of criminal investigation in Switzerland.
2. Attribution: Lazarus Group—or Something More?
The UK’s Office of Financial Sanctions Implementation (OFSI) officially attributed the attack to North Korea’s cyberweaponized Lazarus Group. This attribution is corroborated by security think tanks such as WhiteStream, which identified characteristic patterns of laundering that align with Lazarus’s modus operandi.
However, some independent researchers caution that attribution is not definitive without stronger forensic evidence . Observers note that Lazarus has historically targeted exchanges, wallets, and used mixers and bridges for fund obfuscation—an operational signature that aligns with this case, even if confirmation is pending.
3. The Laundering Trail: Mixers, Platforms, and Murky Flows
Blockchain investigators report that the stolen funds were routed through complex chains of mixers and regulatory‑light platforms to camouflage their origin and distribution. Specifically, Ethereum was converted into DAI via MakerDAO, while Bitcoin holdings were spread across multiple wallets to evade detection. These laundering tactics complicate on‑chain tracing and raise concerns about the evolving sophistication of money‑laundering in cryptocurrency networks.
4. Broader Context: Rising Crypto Hacks and State-Sponsored Threats
The Lykke incident is far from isolated. In February 2025, Bybit suffered what remains the largest crypto exchange hack in history—an estimated $1.4 billion was stolen through compromise of a third‑party multisig wallet infrastructure, and blockchain analysis linked the attack to Lazarus Group. Globally, crypto-related losses have soared, with more than $2.17 billion in thefts recorded in 2025 alone.
The Lykke hack underscores systemic vulnerabilities: centralized platforms remain juicy targets, and criminals—be they state actors or others—can exploit both technical weaknesses and regulatory gray areas.
5. Security Recommendations: Decentralization, MPC, and Regulatory Reform
The aftermath of Lykke’s collapse has sparked urgent calls for enhanced security frameworks. Experts advocate adopting non‑custodial models and multi‑party computation (MPC) to reduce single points of failure. Regulatory bodies, too, are being urged to close loopholes in licensing and operational oversight—especially regarding KYC/AML compliance.
Furthermore, international cooperation is essential to deter state‑backed cybercrime. The OFSI’s attribution of the Lykke hack underscores the need for unified policy responses to shield crypto ecosystems from geopolitical threats.
6. Visual: Flow Chart [Insert after this paragraph]
Insert here a clear infographic showing: “Timeline and Flow of the Lykke Hack”
- Attack in June 2024 → Theft (158 BTC / 2,161 ETH) → Laundering via mixer/MakerDAO → Exchange freeze in Dec 2024 → Liquidation in Mar 2025 → Founder bankruptcy January 2025 → Ongoing legal proceedings.
7. Analysis: What This Means for Crypto Investors and Practical Blockchain Users
Practical users and investors, especially those exploring emerging crypto projects or seeking revenue sources, should consider these lessons:
- Risk of Centralization: Centralized exchanges—even those promising zero fees—can vanish overnight following a breach.
- Due Diligence Is Critical: Investigate security track records, regulatory compliance, and audit history of platforms.
- Use of Self‑Custody Tools: Non‑custodial wallets reduce exposure to exchange failures; advanced tools like MPC can combine usability and security.
- Geopolitical Risks Matter: State‑sponsored groups continue to target crypto — user awareness and institutional readiness must adapt accordingly.
8. Visual: Table of Major Lazarus-Linked Crypto Heists
A table summarizing:
| Year | Target | Amount Stolen |
|---|---|---|
| 2022 | Axie Infinity (Ronin Bridge) | ~$620 million |
| 2023 | Atomic Wallet | >$100 million |
| 2025 | Bybit Exchange | $1.4 billion |
| 2024 | Lykke Exchange | $23 millio |
9. Conclusion
The collapse of Lykke underscores the complex and evolving risks in the crypto ecosystem. Though $23 million is modest compared to mega‑heists like Bybit’s, the stakes remain sobering for users, operators, and regulators. The event illustrates how emerging state‑sponsored threats, weak compliance frameworks, and centralized vulnerabilities can converge with devastating effect.
For individuals interested in new crypto opportunities or blockchain’s practical applications, the imperative is clear: prioritize platforms with proven security, employ self‑custody solutions, stay vigilant of laundering dynamics, and support stronger regulatory standards. As the crypto space matures, resilience and trust must be built from vigilant, decentralized design—not just innovation for its own sake.
