tl;dr
On October 5, 2025, Garden Finance revealed a $10.8 million hack, with allegations of money laundering tied to North Korean hackers. The incident, uncovered by crypto investigator ZachXBT, highlights ongoing security flaws in DeFi platforms. Initial reports of $5.8 million in losses were revised, an...
**Garden Finance Suffers $10.8 Million Hack Amid Allegations of Money Laundering**
In a blow to the crypto industry, Garden Finance recently fell victim to a major hack, with reported losses exceeding $10.8 million. The incident has reignited concerns about security vulnerabilities and the persistent challenge of combating money laundering in decentralized finance (DeFi). The breach, identified by crypto sleuth ZachXBT, highlights the precarious balance between innovation and accountability in the blockchain space.
### A Hack with a History of Controversy
Garden Finance’s latest ordeal comes amid accusations that the platform facilitated money laundering. Earlier this year, the project faced scrutiny for allegedly enabling transactions tied to illicit actors, including North Korean hackers linked to the Lazarus Group. Prominent investigators, such as ZachXBT and Tayvano, alleged that over 25% of Garden’s traffic originated from suspicious sources, with DPRK-based criminals using the platform en masse.
ZachXBT, who previously criticized Garden for “ignoring victims,” revealed that the hack likely targeted multiple blockchains. The hacker’s address received a message from a team member offering a 10% “whitehat bounty” for returning funds. However, the initial report of $5.8 million in losses was later revised to $10.8 million, leaving the exact scale of the breach unclear. Garden’s statement noted that “assets have been taken from us,” but it did not explicitly confirm whether user funds were compromised.
### The Irony of the Situation
The hack underscores a troubling pattern in the crypto world. Earlier this year, THORChain faced similar allegations of enabling North Korean hackers to launder funds. Months later, the platform’s founder reportedly lost $1.3 million to the same group. Such incidents highlight the industry’s recurring struggles with security and the difficulty of holding bad actors accountable.
ZachXBT pointed to the irony of Garden’s predicament: “If it’s impossible to freeze stolen assets, what could [investigators] even do?” While community sleuths can gather evidence for future legal action, practical recovery remains elusive. Garden’s offer of a bounty—a tactic often used to incentivize hackers to return funds—may be its best hope for resolving the crisis.
### A Broader Challenge for DeFi
The Garden Finance hack reflects deeper issues within the DeFi ecosystem. Projects often prioritize growth over stringent security measures, creating opportunities for exploitation. Additionally, the anonymity of blockchain transactions complicates efforts to trace and recover stolen assets. As ZachXBT noted, even when vulnerabilities are exposed, the lack of centralized control makes enforcement nearly impossible.
For Garden, the road to recovery will likely involve a combination of technical analysis, community collaboration, and diplomatic engagement with the hackers. Yet, the incident serves as a cautionary tale for the broader crypto industry: without robust safeguards and a commitment to transparency, even well-intentioned platforms risk becoming pawns in a cycle of exploitation.
As the investigation unfolds, the crypto community will be watching closely—hoping for answers, accountability, and a renewed focus on security in an increasingly complex digital landscape.