Exch：拒絕與Bybit合作以恢復被盜資金的硬幣混音器

2月21日晚上，交易所交易所遭受了歷史上最大的盜竊。許多機構和個人借助一隻手來幫助束縛這場危機。儘管危機已經暫時控制，但下一個關鍵任務是嘗試跟踪和攔截黑客資金並恢復被盜資產。

On the evening of February 21, cryptocurrency exchange Bybit suffered the largest theft in history. Many institutions and individuals lent a hand to help Bybit through this crisis. Although the crisis has been temporarily controlled, the next key task is to try to track and intercept the hacker funds and recover the stolen assets.

2月21日晚上，加密貨幣交易所Bybit遭受了歷史上最大的盜竊。許多機構和個人借助一隻手來幫助束縛這場危機。儘管危機已經暫時控制，但下一個關鍵任務是嘗試跟踪和攔截黑客資金並恢復被盜資產。

However, in the past two days, the eXch platform has laundered more than 29,000 ETH stolen from Bybit by Lazarus hackers. The platform immediately attracted widespread attention in the crypto community, and many users said that despite their many years in the industry, they had never heard of the eXch project before.

但是，在過去的兩天中，Lazarus Hackers從Bybit偷了29,000多名ETH。該平台立即在加密社區引起了廣泛的關注，許多用戶表示，儘管他們從事該行業多年，但他們以前從未聽說過Exch項目。

So, what kind of platform is eXch? What role did it play in this incident?

那麼，交流是什麼樣的平台？它在此事件中扮演著什麼角色？

What is eXch?

什麼是口氣？

eXch is a centralized coin mixer that does not require KYC. The basic function of a coin mixer is to mix funds from different users, thereby disrupting the source and destination of transactions, making it difficult for external observers to track the transaction path.

Exch是一種集中式硬幣混合器，不需要KYC。硬幣混合器的基本功能是混合來自不同用戶的資金，從而破壞交易的來源和目的地，使外部觀察者很難跟踪交易路徑。

Users can freely exchange BTC, LTC, ETH, XMR and other tokens on eXch. After selecting the type and quantity of the token to be traded, and setting the receiving address and refund address, the platform will complete the transaction at the Bisq price (based on the median value of market transaction data). The exchange claims that its liquidity is not provided by a third party, but is stored on its own nodes.

用戶可以在Exch上自由交換BTC，LTC，ETH，XMR和其他令牌。在選擇要交易的令牌的類型和數量並設置接收地址和退款地址之後，該平台將以BISQ價格完成交易（基於市場交易數據的中位數）。交易所聲稱其流動性不是由第三方提供的，而是以其自身的節點存儲。

Although it seems very convenient, users who have actually used eXch said that the actual experience is very bad, the handling fees and spreads are very high, and when liquidity is exhausted, they need to wait for staff to manually send tokens, and sometimes they are sent to the wrong address. Some community members even said that under the premise of such high handling fees and slippage (nearly 10%), only money laundering teams will use this platform.

儘管看起來非常方便，但實際使用過口氣的用戶說，實際經驗非常糟糕，處理費和差價很高，當流動性耗盡時，他們需要等待員工手動發送令牌，有時他們有時他們被發送到錯誤的地址。一些社區成員甚至說，在如此高的處理費和打滑的前提下（近10％），只有洗錢團隊才能使用此平台。

There is currently no information about the eXch team on the Internet. There is only an X account named @exchcx that is certified as its representative, but the account has not been updated for more than a year.

目前沒有關於Internet上的交易所的信息。只有一個名為@ExchCX的X帳戶被認證為其代表，但是該帳戶在一年以上沒有更新。

eXch refuses to cooperate with Bybit to recover stolen funds

Exch拒絕與Bybit合作以收回被盜的資金

After the incident, Bybit CEO began to seek support from all walks of life, hoping to jointly intercept the stolen funds.

事件發生後，Bybit首席執行官開始尋求各行各業的支持，希望共同攔截被盜的資金。

On February 22, on-chain detectives discovered that the 5,000 stolen ETH were laundered through eXch and converted to Bitcoin through Chainflip. In response to this discovery, Bybit asked eXch to block the funds and track their movements. However, eXch made the request public and refused to cooperate. In its reply to Bybit, eXch mentioned that since its users had been banned by Bybit, they would not provide any help.

2月22日，鏈偵探發現，5,000名被盜的ETH通過交流洗錢，並通過Chainflip轉換為比特幣。為了響應這一發現，拜比特要求交易所阻止資金並跟踪他們的動作。但是，交易所公開請求並拒絕合作。在對Bybit的答復中，Exch提到，由於其用戶已被Bybit禁止，因此他們不會提供任何幫助。

In this regard, there are two different voices in the community:

在這方面，社區中有兩種不同的聲音：

On February 23, eXch released a statement on bitcointalk, saying that it "will not launder money for Lazarus/DPRK" and that the funds from the previous attack on Bybit will be donated to various open source projects. They emphasized that this move is to protect the concept of decentralization (not your keys, not your money.) and pointed out that Trorchain has processed more black money than them.

2月23日，Exch在BitCointalk上發表了一份聲明，稱“不會為Lazarus/Dprk洗錢”，並且先前對Bybit攻擊的資金將捐贈給各種開源項目。他們強調，此舉是為了保護權力下放的概念（不是您的鑰匙，而不是您的錢。），並指出Trorchain處理的黑錢比他們更多。

In response, many community members began to criticize eXch. Crypto KOL @tayvano_ joked about eXch's behavior of dragging down Thorchain, saying "because every time liquidity is exhausted, eXch will rely on Thorchain." Some users even suggested that all VASPs should directly blacklist eXch, believing that their practice is money laundering.

作為回應，許多社區成員開始批評交流。 Crypto Kol @Tayvano_開玩笑說Exch的行為拖到Thorchain的行為，說：“因為每次流動性耗盡時，Exch都會依靠Thorchain。”一些用戶甚至建議所有VASP都應該直接進行黑名單交流，認為他們的實踐是洗錢。

And eXch’s response seems to always be the same slogan: maintaining the ideal of decentralization.

埃夫的反應似乎總是相同的口號：保持權力下放的理想。

Is it necessary for a coin mixer to exist?

硬幣混合器是否有必要存在？

But this is not the first time hackers have used eXch to launder coins.

但這並不是黑客第一次使用交易所洗錢硬幣。

In December 2024, in a theft reported by ZachXBT, the stolen funds eventually flowed to eXch for laundering, converted into LTC and put into the market. At that time, the stolen assets were worth 6.5 million US dollars.

2024年12月，在Zachxbt報導的一次盜竊案中，被盜的資金最終流向了洗錢，轉變為LTC並投入市場。當時，被盜的資產價值650萬美元。

In September 2024, economic data aggregator Truflation suffered a hacker attack, losing about $5 million, and funds were stolen from the treasury multi-signature and personal wallets. A month later, the Truflation attacker exchanged 1.37 million DAI for 500 ETH and transferred it to eXch.

2024年9月，經濟數據聚合器的陷阱遭受了黑客襲擊，損失了約500萬美元，資金從財政部的多簽名和個人錢包中被盜。一個月後，Truflation攻擊者將137萬DAI交換為500 ETH，並將其轉移到Exch。

In August 2024, an address involved in a phishing attack transferred 300 ETH to the eXch platform after stealing 55.4 million DAI.

2024年8月，涉及網絡釣魚襲擊的講話將300 ETH轉移到了5,540萬次DAI之後，將300 ETH轉移到了Exch平台。

The hackers who attacked Bybit started laundering coins yesterday afternoon. In the past 30 hours, they have used a large number of addresses to use cross-chain exchange platforms/mixing platforms such as Chainflip,

襲擊拜比特的黑客昨天下午開始洗錢。在過去的30個小時中，他們使用了大量地址使用跨鏈交換平台/混合平台，例如Chainflip，