ZachXBT: $1.2M Theft Address Likely Belongs to THORChain Founder John-Paul

BlockBeats News, September 12th, On-chain detective ZachXBT commented on the "A THORChain User Was Hacked for $1.2 Million" incident, suggesting that the address may belong to THORChain founder John-Paul Thorbjornsen (JP, @jpthor), whose private wallet was compromised a few days ago due to a fake conference scam. "JP is one of those who has greatly benefited from laundering money through North Korean hacker attacks/vulnerability exploits. Therefore, he suffered losses due to a North Korean-related retaliatory attack, somewhat echoing the idea of karma."

BlockBeats Note: JP's "relationship" with North Korean hackers (mainly the Lazarus Group) is not direct cooperation or personal contact but stems from the THORChain protocol's stance in the 2025 Bybit exchange hack incident. In February 2025, North Korean hackers stole around $1.4 billion worth of cryptocurrency from Bybit, making it one of the largest crypto thefts in history. These hackers then used THORChain as the primary tool to launder the stolen funds, bridging 85% of the stolen funds (approximately $1.2 billion) and converting them into other assets to evade tracking.