Tag: Hack

  • Bybit Exchange Hack: The Biggest Crypto Hack in History

    Crypto is everywhere these days. It has become a part of everyday life for many tech-savvy professionals and investors. Whether you’re a trader, a gamer who plays games on platforms like 777bet fun, or simply sending crypto to your friends, you must have heard about the recent major cybersecurity breach at Bybit. The Bybit exchange hack, which led to the theft of millions of dollars’ worth of crypto, is still sending shock waves throughout the industry.

    Let’s try to understand exactly what happened during the Bybit hack, the reasons and how you can protect your assets from such situations.

    What happened during the Bybit exchange hack?

    In February 2025, Bybit made global headlines for all the wrong reasons: it had suffered a huge security breach. Hackers broke into Bybit’s inner systems and stole over $600 million worth of crypto, making it the largest crypto hack ever.

    The hack started quietly. At first, Bybit noticed weird activity with users’ accounts. Some customers couldn’t log in, others found that their account balances were mysteriously emptied. Within hours, Bybit confirmed the worst-case scenario: hackers had compromised their security and drained millions from user wallets.

    For teens and younger users especially, seeing such a major hack unfold in real-time was shocking. Many had trusted Bybit with their crypto, only to see their savings vanish overnight. Social media exploded with reactions, questions, anger, and fear, all demanding answers from Bybit.

    How did the hackers pull off the biggest crypto hack?

    Everyone’s big question was, “How did hackers manage such a huge attack?” The hackers discovered and exploited vulnerabilities in Bybit’s security protocols. Bybit reportedly had some weaknesses in its security systems, which led to this incident. Another important factor was social engineering: hackers pretended to be trusted insiders or staff, tricking employees into giving them access to critical internal systems related to approving blockchain transactions.

    Crypto exchanges usually keep some crypto in “hot wallets”, and so did Bybit. They stored large amounts of crypto in these online wallets, and once hackers gained access, transferring all the coins was a relatively easy task.

    The immediate impact of the Bybit hack

    The Bybit hack didn’t just affect the exchange itself — it had ripple effects across the whole crypto market:

    Panic selling and market crash

    As soon as news of the hack spread, investors panicked. Many of those who might have invested their allowance or small savings rushed to sell their crypto. The prices of Bitcoin, Ethereum, and other popular coins dropped immediately.

    Loss of trust in exchanges

    Bybit was considered safe and reliable before the hack. But after such a huge breach, many users felt betrayed. They started to doubt not just Bybit, but also Binance, OKX and crypto exchanges in general, wondering if their crypto was truly secure anywhere online.

    Calls for tougher regulations

    The massive hack prompted governments worldwide to demand stricter rules for crypto exchanges. Regulators tried to implement measures to further protect investors’ assets, claiming that the security measures taken by Bybit were not enough.

    What happened next

    After the massive breach, Bybit had to quickly take action.

    The Bybit hack timeline

    • February 4, 2025, 2:15 AM UTC: Bybit users report login issues and missing account balances on social media.
    • February 4, 2025, 3:30 AM UTC: Bybit confirms suspicious activity internally and temporarily disables withdrawals and deposits.
    • February 4, 2025, 6:00 AM UTC: Bybit officially announces the hack on Twitter, confirming initial losses over $600 million.
    • February 4, 2025, 9:00 AM UTC: Panic spreads; Bitcoin price drops significantly as investors react.
    • February 5, 2025: Bybit engages top cybersecurity firms and law enforcement to investigate.
    • February 7, 2025: Hack traced to vulnerabilities in hot wallet system and social engineering attacks on employees.
    • February 10, 2025: Bybit outlines plans for reimbursing affected customers and announces enhanced security measures.
    • February 15, 2025: Regulatory authorities begin official investigations into Bybit’s security practices.
    • March 2025: Bybit gradually resumes operations, offering partial customer reimbursements and full transparency reports.
    • April 2025: Bybit completes security upgrade; begins full service restoration. Ongoing legal and regulatory review continues.

    Here’s what happened next:

    Emergency measures

    Bybit immediately shut down deposits and withdrawals to prevent further losses. They hired top security firms to strengthen their systems and find out exactly how the breach happened. Bybit promised to rebuild trust by making their security stronger than ever before.

    Compensations

    Understanding that young customers were deeply affected, Bybit announced plans to reimburse users who lost their crypto. While this helped ease some anxiety, many young users remained worried about trusting the exchange again.

    Legal and regulatory challenges

    Due to the massive size of the hack, Bybit faced investigations and possible legal consequences. Regulators began closely watching Bybit and similar exchanges, signaling tighter rules in the future. Young crypto users watched closely to see if stricter rules would ultimately make crypto safer or less fun.

    How to keep your crypto safe: Post-Bybit hack lessons

    • Use hardware wallets because they are the safest way to protect your crypto. Even if an exchange is hacked, your crypto stays safe because it’s stored offline.
    • Be careful with hot wallets and only keep small amounts in hot wallets for daily spending or gaming. Store the majority of your crypto safely offline.
    • Always enable 2FA on every crypto account. It adds a second layer of protection, making it harder for hackers to access your account.
    • Don’t reuse passwords. Use a strong, unique password for each crypto account. Use password managers to help you securely store these complicated passwords.

    Can trust be restored in crypto exchanges after Bybit?

    The big question after a massive hack like Bybit’s is: Can exchanges ever fully regain trust? For young investors, trust matters — a lot. Crypto is exciting, fun, and filled with opportunities, but trust is key for continued participation.

    After Bybit’s quick response, promises of reimbursement, and improved security measures, some trust began returning. However, rebuilding trust fully takes time. Young investors need reassurance that exchanges genuinely care about security and customer safety.

  • Chainalysis: October is Now the Leading Month in the ‘Biggest Year Ever’ for Crypto Hacks

    Key takeaways:

    • The month of October saw $718 million in hacked funds across 12 different attacks
    • Chainalysis said DeFi hacks had become the most prevalent, while attacks on centralized exchanges were the most frequent in the past
    • 2022 will overtake 2021 as the year with the most hacking activity “at this rate”

    Barely halfway through the month and we’ve already seen 12 different hacks

    While the crypto sector has always had issues with software exploits, which come with the territory when using nascent technology, the last couple of weeks have been out of the norm.

    According to blockchain analytics company Chainalysis, it barely took two full weeks for October 2022 to become the month with the most “hacking activity” this year. Driving the point home even further is the fact that Chainalysis didn’t even manage to include the XEN Crypto hack in yesterday’s report. The newly launched crypto was hacked earlier today, with the attacker walking away with 61 ETH.

    So far, last year holds the lead as the biggest on record by the total amount of hacked funds, with more than $3.1 billion across 125 hacks. However, 2022 is within striking distance, having already touched the $3 billion mark.

    Chainalysis highlighted the fact that hacks targeting decentralized finance (DeFi) platforms have become the most prevalent, while three years ago, most attacks focused on centralized exchanges (CEXs):

    “Back in 2019, most hacks targeted centralized exchanges, and prioritizing security went a long way. Now a vast majority of targets are DeFi protocols.”

    Case in point, the most significant share of $718 million in losses accrued during October came from three cross-bridge hacks. Arguably the most high-profile case among them was the $100 million BNB Chain exploit that took place on October 5, forcing Binance Smart Chain (BSC) validators to momentarily halt the blockchain. It is worth noting that the software vulnerability in the cross-chain bridge BSC Token Hub has since been patched thanks to the “Moran” hard fork.

    Another massive exploit occurred on October 12, with $118 million being siphoned from the Solana-based DeFi trading platform Mango. The attacker managed to drastically inflate the price of Mango’s native token, MNGO, and then took out loans against the inflated asset.

    The Chainalysis team believes that “at this rate,” 2022 will overtake 2021 in terms of the total amount of hacked funds.

  • BNB Chain Executes Hard Fork Ahead of $574 Million Quarterly BNB Burn

    Key takeaways:

    • Following last week’s $100 million hack, BNB Chain has undergone the Moran hard fork
    • The upgrade patches vulnerability in the BSC Token Hub, which was used by the attacker
    • In related news, the 21st BNB burn took place today, forever removing $574 million worth of BNB from circulation

    “Moran” hard fork goes live following a $100 million hack last week

    On October 6, BNB Chain suffered a massive exploit that impacted more than $560 million worth of digital assets, or roughly 2,000,000 BNB. To prevent any further damage, Binance Smart Chain (BSC) validators momentarily halted the operation of the blockchain. The chain was restarted a few hours later with several hotfixes implemented.

    Yesterday, BNB Chain developers executed the Moran hard fork to establish a more permanent solution and eliminate vulnerabilities in the cross-chain bridge connecting BSC and BNB Beacon Chain, which was used as an attack point in last week’s hack.

    It is worth noting the attacker managed to move roughly $100 million worth of digital assets off-chain, while the remaining funds were frozen before they could be transferred off of BNB Chain. According to devs, the attacker used an exploit in the BSC Token Hub to generate new tokens, rather than stealing existing ones.

    The 21st quarterly burn removes $574 million worth of BNB from circulation

    In related BNB Chain news, the 21st quarterly token burn was completed earlier today, which forever destroyed 2,065,152 BNB (worth roughly $574 million). Binance shared the news via a Twitter post.

    Binance’s scheduled BNB burns, which have recently been revamped to use the automatic Auto-Burn formula, are meant to remove 100,000,000 BNB, or half of the total supply, from circulation. The token burning makes BNB deflationary, which is one of the mechanisms used to maintain its value and provide long-term price stability.

    According to BNBBurn.info, nearly 39,000,000 BNB has been burned to date. The amount of burned tokens is determined by the number of blocks that have been generated on BSC during any given quarter.

    The last quarterly burn of 2022 was significantly bigger than the previous one, both in terms of tokens destroyed and the dollar amount – for context, the 20th token burn saw 1,959,595 BNB (roughly $447M at then-market rates) being sent to a dead wallet address.

  • Binance Smart Chain Was Momentarily Halted Following $560 Million Hack

    Key takeaways:

    • BNB Chain’s token bridge was hacked for $560 million worth of BNB
    • Binance Smart Chain was temporarily halted and a series of hotfixes implemented following the attack
    • Hackers were able to take off with $100M – $110M worth of digital assets

    Attackers exploited a vulnerability in BSC Token Hub

    On Thursday, a blockchain bridge connecting BNB Smart Chain and BNB Beacon Chain was exploited for 2 million BNB (roughly $560 million at current market rates) worth of digital assets. 

    According to a blog post shared by the BNB Chain team earlier today, an attacker, or a group of attackers, found an exploit in the cross-chain bridge called BSC Token Hub. Binance CEO Changpeng “CZ” Zhao first informed the broader community about the unfortunate event via a Twitter post earlier in the day.

    Out of the total amount of funds stolen, between $100 million and $110 million was taken off chain, while the remaining hacked funds are still on BSC, awaiting a governance vote that will decide whether they will be frozen or not.

    Following a shutdown and a series of quick updates approved by BSC validators, BNB Chain was back online earlier today at around 6:30 AM UTC. 

    BSC validators restarted the blockchain with several hotfixes

    As a response to the largest hack in BSC’s history, a software update was quickly pushed to fix the code that allowed attackers to carry out the multi-million dollar attack. In our limited technical knowledge, it is worth noting that the update doesn’t seem to address the root issue but rather aims to prevent a similar thing from happening until a more comprehensive solution is implemented.

    According to a post made by the BNB Chain team, the most recent software release includes a fix that prevents hacker accounts from acting. In addition, the cross-chain communication between BNB Beacon Chain and BSC has been disabled.

    It is worth noting that in the coming days, the BSC community will vote on a series of proposals, including how to reimburse hacked funds, whether to implement a $1 million bounty for those that find bugs in the future, and how big of a bounty to put on hackers (up to 10% of recovered funds, per the team).

  • $100 Million Worth of Altcoins Stolen in Harmony’s Horizon Bridge Attack

    Key takeaways:

    • Horizon Bridge, a blockchain bridge connecting Harmony with Bitcoin, Ethereum, and BNB Chain networks, has been hacked
    • $100 million worth of wETH, USDC, and several other altcoins have been stolen
    • Harmony’s ONE token plunged 10% on the news

    The Harmony bridge connecting BNB Chain, Bitcoin, and Ethereum exploited for $100M

    Harmony Protocol’s Horizon Bridge was hacked on Thursday, leading to a loss of $100 million worth of Wrapped Ether (wETH), Frax (FRAX), Sushi (SUSHI), and several other altcoins, including Binance USD (BUSD) and USD Coin (USDC) stablecoins. The Harmony team shared the unfortunate news on Twitter.

    The Horizon Bridge, which is designed to facilitate transactions between Harmony and the Bitcoin, Ethereum, and Binance networks, was halted following the attack. The exploit raises questions about the security of pseudo-decentralized blockchain bridges. Recall that earlier this year, the Ronin bridge attacker gained access to five out of nine validator signatures and was able to make away with more than $600 million worth of ETH and USDC. It is worth noting that the Horizon Bridge was secured with only a two-out-of-four multisig scheme.

    The Harmony team stated on Twitter that “decentralized bridges are important now more than ever” and noted that they are paramount for “decentralization and security.” No further details were shared by the team, other than that they are working with “the FBI and multiple cyber security firms.”

    Not accounting for the latest hack, the data from The Block shows that more than $2 billion worth of crypto was stolen by DeFi attackers in the past two years.

    Looking at the wallet address belonging to the Horizon Bridge Exploiter, the balance of funds stolen in the attack currently stands at $104 million, equivalent to 85,867 ETH.

    The price of Harmony’s native ONE token plunged over 10% in the aftermath of the attack. The token has seen a modest recovery by press time and is trading down 7.85% in the last 24hrs.

  • Wintermute Hacker Returns 17 Million OP Tokens

    Key takeaways:

    • A hacker who gained access to a blockchain address with 20 million OP returned 17 million tokens today
    • Previously, the hacker sold 1 million OP and sent the same amount to Ethereum founder Vitalik Buterin
    • The hacker returned stolen funds in 18 separate transactions, each amounting to exactly 1 million OP

    A hacker who stole 20 million OP on the day of the OP token launch has returned 17 million tokens

    Yesterday, we wrote about a recent exploit that saw an anonymous attacker gain access to a blockchain address with 20 million OP tokens (worth $35 million at the time of the hack). Today, 17 million of those tokens were returned to the Optimism contract address. 

    Earlier this month, on the day of the launch of the Ethereum Layer 2 scaling project Optimism’s governance token OP, a hacker was able to access a blockchain address with 20 million OP tokens sent from Optimism to crypto market maker Wintermute. Since millions of dollars worth of tokens were sent to an unsynced Ethereum address from the Optimism Layer 2 network, they could not be immediately reached by the Wintermute team. 

    The attacker pounced on the opportunity and used his expertise to gain access to the tokens that were, for lack of a better word, in a state of limbo. The attacker proceeded by selling 1 million OP tokens via the blockchain anonymizing service Tornado Cash, and sent 1 million tokens to a blockchain address belonging to Ethereum founder Vitalik Buterin.

    In the meantime, Optimism and Wintermute notified their communities about the incident. In addition, the Wintermute team issued a not so thinly veiled threat, calling on the hacker to return stolen funds or continue living in fear for the rest of their life.

    It seems that the hacker has decided it is best to accept the offer. Etherscan shows that 17 separate transactions of 1 million OP each have been made in the last couple of hours. The Wintermute Exploiter Multisig wallet is now left with a balance of roughly 154 OP.

  • Optimism Sent 20M OP Tokens to Unsynced Address, Resulting in $35M Loss

    Key takeaways:

    • A hacker stole 20 million OP tokens prior to the token launch on June 1
    • The Optimism team sent the tokens to Wintermute’s address that was not yet synced to the Layer 2 Optimism network
    • A hacker was able to gain access to the blockchain address and sold 1 million OP via Tornado Cash

    A hacker stole 20 million OP tokens sent to the unsynced Wintermute address

    Ahead of the OP token launch, Ethereum Layer 2 scaling solution Optimism tried sending 20 million OP tokens to leading crypto market maker Wintermute as a loan. Unfortunately, there was a problem with the transactions, as the funds were sent to an unsynced Ethereum address, which means that the wallet’s balance couldn’t be confirmed by network validators.

    The issue occurred due to Wintermute providing a Layer 1 Ethereum address that had not yet been deployed to the Layer 2 network Optimism. Wintermute began the recovery process upon realizing their mistake.

    In the meantime, while the sent OP tokens were waiting to be recovered, a hacker gained access to the blockchain address and the full 20 million OP token stash, and immediately afterwards sold 1 million tokens using the anonymizing service Tornado Cash.

    On the day of the hack on June 1st, the 20 million OP tokens were worth roughly $35 million.

    Wintermute has accepted full responsibility for the lost tokens and is committed to buying them back. In addition, the Wintermute team has called on the hacker to come forward and return the stolen funds:

    “You have one week to consider being a whitehat. In case the above doesn’t happen, we are 100% committed to returning all the funds, tracking the person(s) responsible for the exploit, fully doxxing them and delivering them to the corresponding juridical system. Remember that robbers need to get lucky every time.”

    The Optimism Foundation has attributed the unfortunate set of events to the “growing pains of an evolving industry” in a message to the community. It added that the Wintermute team is “world class” and commended how it is handling the whole situation.

    The price of the OP token has dipped nearly 20% on the news of the hack. OP, which launched earlier this month, is changing hands at $0.83, down more than 60% from its ATH price reached on the first trading day.

  • $205M in ETH Stolen in the Ronin Bridge Hack Has Already Been Moved

    Key takeaways:

    • Over 65,000 ETH (worth approx. $205M at current market rates) out of 173,600 ETH stolen in the Ronin attack have already been moved
    • The attacker is sending ETH to Tornado Cash, a popular anonymizing service that breaks the on-chain link between source and destination addresses
    • Ronin Bridge was exploited for over $600M in ETH and USDC in late March in what was the biggest hack of its kind to date

    Almost a third of ETH stolen in the Ronin Bridge hack has been sent to new addresses 

    In late March, the Ronin Network was exploited for more than $600 million worth of Ethereum in what was the largest DeFi attack to date. At the time, the team behind the Ethereum-linked sidechain of the popular crypto game Axie Infinity stated that the attacker gained access to the majority of validator nodes, was able to sign transactions, and made away with 173,600 ETH and 25.5M USDC.

    Roughly three weeks after the initial attack, more than 65,000 ETH have been transferred out of the Ethereum wallet associated with the Ronin Bridge hack. It is currently presumed that the attack originated from North Korea, although some in the crypto community believe that the attack was carried out by a single person not associated with state actors. 

    Whoever was behind the attack has already moved roughly a third of the stolen funds to new addresses, according to Etherscan. What’s more, the attacker is upping the amount of transferred ETH with each subsequent transfer. The largest transaction at press time was approved on April 19 and amounted to 18,256 ETH, worth over $57 million at the time of the transaction.

    The list of outgoing ETH transfers as of April 20. Image source: Etherscan

    The funds transferred to new addresses have been sent to Tornado Cash in 100 ETH increments. The attacker is apparently using the popular decentralized service to mask his transactions and make it possible to cash out stolen funds. 

    In the aftermath of the Ronin Bridge attack, Axie Infinity’s creators Sky Mavis raised $150 million in a funding round that was led by Binance and saw participation from Animoca Brands, a16z, Dialectic, and Paradigm. The Sky Mavis team said the funds will be used to reimburse victims of the unfortunate attack and to enhance security of its blockchain platform.

  • Blockchain Security Firm CertiK Doubles its Valuation to $2 Billion

    Key takeaways:

    • Web3 security provider CertiK has raised $88 million at a $2 billion valuation
    • Rising revenue and profits are the reason for the doubling of the company’s valuation since January 
    • Newly-acquired capital will be used to enhance the company’s offering of data-driven security products and services

    CertiK raises $88M at a $2B valuation to improve blockchain security

    CertiK, a New York-headquartered blockchain security firm, announced on Thursday it had raised $88 million in a Series B3 funding round from prominent investors, including Goldman Sachs, Insight Partners, and Advent International, to name a few.

    The new round of funding saw the company reach a $2 billion valuation just three months after it had reached a $1 billion valuation in January, on the heels of its previous funding round.

    According to a press release, the reason for the company’s rapid growth is the massive increase in revenue and demand for its services. In 2021 alone, the company saw a 12-fold increase in its revenue, which translates to a whopping 3,000-fold surge in its profits. The growth trend continued into the first quarter of 2022, during which the company’s revenue increased by an additional 400%.

    The need for increased security, especially when it comes to DeFi and various Web3 services, has never been more apparent. According to data from The Block, malicious actors have stolen more than $1 billion worth of crypto assets so far this year. A large share of the total amount can be attributed to a recent Ronin bridge exploit, which saw users lose more than $600 million in Ethereum and USD Coin.

    CertiK CEO Ronghui Gu said in a statement that the growing number of rug-pulls underscores the importance of KYC when it comes to Web3 security. Gu added that the company’s focus lies in “Smart contract auditing and 24/7 monitoring of threats.”

    The company has said the newly acquired capital will be used for the “development and operation of more innovative and data-driven security products.”