Foresight News The secret enemy of the crypto world, hacker security incidents are stealing industry confidence. Author: 1912212.eth, Foresight News The crypto industry has long been known for its various wealth stories, but the crisis hidden beneath them has begun to surface. Recently, Bybit's cold wallet was hacked for $1.46 billion, becoming the largest single hacking incident in crypto history. Although it did not cause serious negative impact afterwards, it sounded the alarm for the industry's security. Imagine, the wealth you have worked so hard to earn can be easily stolen by a technically skilled hacker with just a few keystrokes... Security is paramount, and the importance of safeguarding wealth is self-evident. Hacker attacks are no longer just a technical issue, but one of the biggest risks that can undermine the very foundation of the crypto industry. As of February 2025, the known losses in the crypto sector in the first quarter have already exceeded $1.5 billion, with 20 hacking incidents, the high frequency and huge losses of which are astonishing. In contrast, Immunefi's data tells it all. From the beginning of 2024 to August of that year, the industry saw a total of 154 hacking and theft incidents, resulting in losses of $1.21 billion, while in the first 2 months of 2025, the loss amount has already nearly surpassed the same period record. Horrifying past hacking incidents In the history of crypto, some protocols or exchanges have faced huge challenges and even disintegration due to hacking incidents. In August 2021, the cross-chain protocol Poly Network was hacked, losing $611 million (multi-chain assets). The hacker used a vulnerability in the smart contract to steal assets from the Ethereum, BNB Chain and Polygon wallets of Poly Network. Interestingly, the hacker claimed to have done it "just for fun" and eventually returned most of the funds (about $300 million unrecovered). The incident revealed the complexity and potential risks of DeFi protocols. In February 2022, the Wormhole cross-chain bridge was hacked, losing 120,000 wETH. The hacker exploited a vulnerability in the Solana VAA verification to forge messages and mint wrapped ETH out of thin air. The funds were not recovered, shaking the trust in cross-chain protocols. In March 2022, the Ronin network cross-chain bridge was hacked, losing 173,600 ETH and 25.5 million USDC, worth $620 million. The hacker took control of 5 out of 9 Ronin network validators through a 51% attack and stole the cross-chain bridge funds of the Axie Infinity game. The FBI confirmed that the Lazarus group was behind it. The incident exposed the vulnerability of cross-chain bridges, and Sky Mavis spent years raising funds to compensate users, highlighting the high cost of remediation. In October 2022, the Binance cross-chain bridge was hacked, losing 2 million BNB. The hacker exploited a vulnerability in the BSC Token Hub smart contract to forge withdrawal proofs and generate BNB out of thin air. Binance quickly froze most of the assets, but still suffered heavy losses. This case prompted the industry to re-examine the security design of cross-chain bridges. The above are just the most severe and largest hacking security incidents in the past few years, with countless others involving losses of hundreds of millions or tens of millions. In the past few months, the crypto industry has experienced several relatively serious hacker security incidents. In February 2025, the stablecoin digital bank Infini lost $49.5 million, as the hacker secretly retained administrative privileges to attack Infini. In February 2025, Bybit was hacked for over 510,000 native ETH and various derivative ETH, with a loss exceeding $1.4 billion. The hacker breached the multi-signature members' devices through UI forgery, social engineering and delegatecall vulnerabilities, and manipulated the cold wallet smart contract to transfer the huge funds. Suspected to be the work of the North Korean Lazarus group. In November 2024, the DeFi platform Thala Labs was hacked for $25.5 million, which was later fully recovered through the collaboration of white hat hackers and the community. The incident highlighted the potential of DeFi protocols in emergency response, but also exposed the vulnerability of private key management. In November 2024, the on-chain trading platform Dexx was hacked, losing 21 million USDT (over $150 million). The attack involved more than 1,000 users and 8,000 addresses, suspected to be due to the platform's private key being stored and transmitted in plain text, and the possibility of internal involvement cannot be ruled out. The founder promised compensation, and victims filed lawsuits in multiple locations, but the attacker's assets have not been fully transferred. Why are hackers so rampant? The rampant hacking in the crypto industry is mainly due to the interweaving of multiple factors such as technology, human nature, economics, and regulation. Technically, the irreversibility of blockchain transactions makes it difficult to recover funds once stolen, while the complexity of smart contracts also harbors vulnerability loopholes, such as the delegatecall issue in the Bybit incident, providing opportunities for hackers. In addition, human weaknesses are also an important reason, as social engineering attacks have repeatedly succeeded, such as phishing of multi-signature members or insufficient security awareness of employees, rendering the protection system ineffective. Economically, the high liquidity and anonymity of crypto assets provide convenience for hackers to launder money, and the huge returns also attract the participation of professional groups like the Lazarus group. The imbalance between low risk and high returns makes the cost of attacks far outweighed by the benefits. Finally, the lack of regulation further exacerbates the problem. The decentralized nature grants the industry freedom, but also lacks unified security standards and law enforcement mechanisms, making it difficult to effectively curb hacker activities. These factors work together to make the crypto industry a paradise for hackers, challenging not only technical security, but also user trust and ecosystem development, which urgently needs to be addressed by the entire industry. How do hackers threaten the industry's foundation? Hackers' threats to the crypto industry have penetrated to the very foundation, shaking its trust, market stability and development prospects. First, they directly erode user trust. Large-scale theft not only causes retail investors to panic and withdraw, but also makes institutional investors doubt the security of crypto, and this trust crisis may trigger a "bank run" effect, leading to platform liquidity depletion and even collapse. Secondly, hacker attacks trigger violent market fluctuations. For example, after the $570 million hack of the Binance cross-chain bridge, the BNB price plummeted in the short term, and the panic selling rippled through the entire ecosystem, amplifying the losses and further undermining market confidence. Furthermore, industry development is also hindered. Massive theft cases make potential investors hesitant, slowing the influx of institutional capital, while developers may reduce innovation attempts due to security pressures, such as cross-chain bridges and smart contract projects facing stricter scrutiny after the Ronin and Wormhole incidents. At a deeper level, hackers expose the industry's technical and governance shortcomings. The irreversibility and decentralization of blockchains, while being advantages, become double-edged swords in the face of security. If these root problems are not solved, the long-term reputation and mainstream adoption of the crypto industry will be limited. Hackers are not only plunderers of funds, but also disruptors of the industry ecosystem, and their threats have gone beyond individual incidents to become systemic risks. How to fight back? Facing the severe threat of hackers, the crypto industry can fight back through a multi-pronged approach of technical upgrades, education reinforcement, collaborative mechanisms, and insurance systems. First, the technical layer is the core defense line. The industry needs to strengthen smart contract code audits, promote formal verification tools to ensure vulnerabilities are fixed before launch, and also improve multi-signature mechanisms and cold wallet designs to reduce single points of failure. Secondly, enhancing education is crucial. Users and practitioners need to receive systematic security training to identify social engineering scams and reduce the success rate of phishing attacks, while platforms should also popularize best practices for private key management. In addition, industry collaboration can significantly improve the efficiency of counterattacks. Establishing a real-time threat intelligence sharing network, where exchanges, DeFi projects and security companies work together to track hacker fund flows, as demonstrated by the Thala Labs case in recovering $25.5 million, proves the potential of community collaboration. Moderate regulatory involvement can also drive platforms to fulfill security responsibilities and form a deterrent force.

Finally, the promotion of the cryptocurrency asset insurance mechanism can provide users with a buffer, mitigating the impact of losses, and the practice of KuCoin's insurance to compensate for part of the funds is worth learning from. If these measures can be promoted in coordination, they can not only curb the rampant momentum of hackers, but also turn crises into opportunities, promote the maturity of industry technology and rebuild trust, allowing the cryptocurrency ecosystem to steadily move forward amid challenges.