According to @zachxbt, on September 24, 2025 addresses linked to SBI Crypto saw ~21M in suspicious outflows on Bitcoin, Ethereum, Litecoin, Doge, & Bitcoin Cash. The stolen funds were transferred to five instant exchanges and deposited to Tornado Cash. Interestingly several indicators share similiarities to other known DPRK attacks. SBI Crypto is a mining pool that's a subsidiary of SBI Group, a publicly traded company in Japan. As of now it does not appear they have publicly disclosed the incident. Theft addresses: 0x40d76a78ddba2ea81fb0f9fba147a08bcfc2b866 bc1qx0a2kfjd7eweczv8xqjm6rggm40v0nkhfss78l qpv9nh5ktagsmtkqle8z2w4dd3mksskpmy499z7c9k ltc1qjyrn9p803efj3p8a0g3fmlevs45kq704ns363t DRiEQuJ9pt3GgNraQmHVTjNg4B7uv1XuGb(Vladimir S. | Officer's Notes)