A digital wallet, an untraceable transaction, and a Greek individual at the epicenter of an unprecedented digital heist. Recently, Greek authorities uncovered that a user registered on a local cryptocurrency exchange had received a substantial amount of Ethereum. Initially, there were no signs of wrongdoing. However, expert analysts from the Anti-Money Laundering Authority soon identified that these “digital funds” had originated from the largest cryptocurrency theft in history, which occurred last February on the Bybit platform. Subsequently, a prosecutorial order was issued to freeze the user’s wallet. This marked the first time a Greek individual was so clearly linked to a digital financial crime of this magnitude.
What is Ethereum?
To grasp the situation, it’s essential to explain Ethereum. Think of it as a digital currency similar to the euro but existing solely online, without physical notes or coins. Ethereum (ETH) is the second most popular cryptocurrency globally, following Bitcoin. However, it’s more than just a virtual currency; it’s a digital platform that enables the creation of applications—contracting without lawyers, digital marketplaces, and banking-like services without traditional banks. Imagine it as a smart vault with programming capabilities.
These assets reside in digital wallets (crypto wallets), functioning similarly to bank accounts independent of banks. The only requirements are a password, known as a “private key,” and a wallet address. While this address is public, it does not disclose the owner’s identity.
What happened at Bybit and its connection to Greece
Bybit is one of the largest international cryptocurrency exchanges, functioning as a digital “bank” where users can buy, sell, and store cryptocurrencies like Ethereum and Bitcoin. In February 2024, Bybit fell victim to a significant cyberattack. Hackers infiltrated the company’s “cold wallets” (storage devices typically offline for security), stealing cryptocurrencies valued at $1.5 billion. U.S. authorities, notably the FBI, attributed the attack to the infamous Lazarus Group, a North Korean governmental hacking organization involved in financial crimes to support its nuclear initiatives. On February 26, the FBI issued a public alert with specific digital wallet addresses, urging countries and platforms to track and freeze associated assets.
Uncovering the Greek link
The identification of the Greek connection began with what appeared to be a routine transaction. The Anti-Money Laundering Authority flagged a suspicious fund transfer: a significant sum of Ethereum credited to a digital wallet on a Greek crypto exchange. Initially, this seemed like a standard influx of digital money, but further investigation revealed otherwise. The Authority’s specially trained analysts utilized blockchain analysis tools to trace the transaction, discovering that the funds did not stem from a legitimate commercial transaction but rather traced back to a specific path already flagged by the FBI.
This path led to one of the Ethereum wallets involved in laundering the $1.5 billion stolen from Bybit. The digital currency had been fragmented, routed through multiple intermediary wallets, and eventually reached the Greek user’s account. Thanks to blockchain transparency, every transaction is publicly recorded, detailing who sent, who received, when, and how much—though holder identities remain anonymous. Authorities use sophisticated tools (like Chainalysis, Elliptic, and TRM Labs) to track these fund flows precisely, even when divided into numerous small transactions. Through this mapping, they identified one of the recipient wallets connected to a Greek user registered with a local Virtual Asset Service Provider (VASP). This triggered the Authority’s protocol, leading to the wallet’s freezing and the forwarding of an investigation report to the prosecutor’s office for potential criminal liability or collaboration with international networks. Currently, there is no evidence that the Greek individual was aware of the funds’ origins, but authorities are exploring all possibilities, including whether the individual acted as an “intermediary” in a global digital money laundering scheme.
New tools for combating money laundering
Modern technology is becoming increasingly vital in the battle against financial crime. The Anti-Money Laundering Authority, led by Charalambos Vourliotis, is acquiring advanced digital tools. The Ministry of National Economy and Finance recognizes the significance of the Authority’s work and is providing institutional and technical support to monitor and analyze modern financial crime—from bank accounts to cryptocurrency wallets.
In particular:
- Legislative measures have already been enacted to enhance the Authority’s role, powers, and independence.
- Additionally, over €1 million is being invested to improve its infrastructure:
- €550,000 dedicated to bolstering its IT systems essential for inspectors’ work.
- €500,000 allocated for a complete modernization of the Authority’s integrated information system, ensuring connectivity with international databases and analysis platforms while boosting real-time monitoring capabilities.
Ask me anything
Explore related questions
