News
AML · Crypto Sanctions · Cybercrime · Geopolitics
The Central Bank of Iran utilized $1.5 billion in crypto assets stolen by a North Korean hacking group from Bybit, laundering them through Chinese-linked exchange CoinEx to circumvent U.S. economic sanctions, with TRM Labs reporting over $3.84 billion moved by Iran-linked wallets through CoinEx since 2019, including direct transactions with the IRGC.
The Wall Street Journal reported on June 24, citing blockchain analysis, that these funds, initially $1.5 billion from the Bybit hack, were moved through multiple transactions to CoinEx. Blockchain analytics firm TRM Labs further identified that wallets tied to Iran have transacted over $3.84 billion through CoinEx since 2019, including direct links to the Islamic Revolutionary Guard Corps (IRGC).
CoinEx founder Haipo Yang denied government ties but confirmed widespread Iranian user base, stating the exchange implemented new measures this month, blocking new sign-ups from Iranian IP addresses and initiating an internal investigation into the Bybit hack funds. This development intensifies regulatory pressure on cryptocurrency exchanges regarding anti-money laundering (AML) and sanctions compliance.
