A July 2025 supply-chain attack against BigONE drained an estimated $27 million from the exchange, and the excerpt says the attacker later moved funds using laundering methods commonly associated with North Korean Lazarus activity. The stolen assets were shifted across multiple services, including THORChain to convert ETH into BTC, SunPump to convert TRX, and BitTorrent Bridge to swap ETH. Some stolen USDT was deposited into Cambodia-based Huione Pay, giving investigators payment-platform and blockchain-tracing leads. The excerpt lists multiple Bitcoin addresses and TRON-USDT deposit transaction hashes tied to the attacker, making the case useful for tracking post-theft laundering infrastructure and fund movement.