eXch, a cryptocurrency exchange known for its focus on privacy and its lack of Know-Your-Customer (KYC) requirements, has revealed plans to shut down by May 1, 2025. This decision follows growing allegations connecting the platform to the $1.4 billion hack of Bybit in February 2025. The hack, which the Federal Bureau of Investigation (FBI) attributed to North Korea’s notorious Lazarus Group, allegedly involved money laundering through eXch’s platform.
In an official announcement on April 17, eXch confirmed that an “active transatlantic operation” is targeting its infrastructure, and it could lead to serious charges, including money laundering and terrorism financing. These developments reportedly stem from evidence provided by a whistleblower linked to the U.S. Department of Justice (DOJ).
eXch’s Response to the Allegations
Johann Roberts, CEO of eXch, responded to the situation by emphasizing the company’s unwillingness to operate under such scrutiny. He stated, “We don’t see any point in operating in a hostile environment where we are the target of SIGINT simply because some people misinterpret our goals.” SIGINT, or Signals Intelligence, refers to intelligence gathered through electronic means, underscoring the intense surveillance eXch is under.
Initially, eXch denied any involvement in laundering funds for Lazarus or the Democratic People’s Republic of Korea (DPRK). The platform attributed the discrepancies to delays in updating data from its third-party anti-money laundering (AML) screening provider. This gap, they claimed, caused a 12-hour delay in updating hacked Ethereum addresses. However, investigations later revealed that eXch had processed a “minor portion” of the stolen funds—approximately 90,000 Ethereum (ETH). While this amount was a fraction of the total 401,346 ETH stolen during the Bybit hack, it raised concerns about the platform’s role in laundering the stolen assets.
Roberts also pointed to Bybit’s refusal to cooperate with eXch, claiming that previous “direct attacks” on the platform had severely damaged its reputation and strained relationships within the industry.
Challenges and Industry Backlash
eXch has long been criticized for its operational model, which avoids KYC and does not require users to create accounts. This approach has attracted scrutiny from investigative groups such as Elliptic and ZachXBT, who have raised concerns about the potential for illicit activity facilitated by the platform’s privacy-focused services.
In his defense, Roberts criticized what he termed “elitist policies” within the cryptocurrency industry, particularly those targeting privacy-centric platforms. He noted that Elliptic had refused to provide services to eXch due to its privacy-oriented approach.
In its closing statement, eXch took aim at industry-standard AML practices, which it described as “nonsensical policies” that are “easily bypassed.” The exchange argued that these policies fail to effectively prevent illegal activity while compromising user privacy—an issue central to eXch’s operational ethos.
What’s Next for eXch?
Despite the impending closure, eXch will continue to offer API access to its partners until May 1. It remains unclear whether the platform will be restructured or rebranded under new management, as decisions about future operations will be handled by a new team.
The closure of eXch highlights ongoing challenges in the cryptocurrency industry, particularly in balancing user privacy with regulatory compliance. As privacy-focused exchanges face increasing scrutiny, the debate about their role and accountability in the crypto ecosystem has become more prominent.
The end of eXch’s operations marks a significant moment in this ongoing debate, underscoring the tension between privacy and regulation in the rapidly evolving world of cryptocurrency.
