Cryptocurrency prices began to plummet significantly in the late evening of February 21, and the downward trend continued until midday on February 22. This decline is believed to be mainly due to a hacker attack on the Bybit exchange. On the evening of February 21, 2025, the exchange suffered a hacker attack worth $1.46 billion, making it one of the largest security breaches in the industry in the first quarter of 2025. The attack targeted one of Bybit's Ethereum multi-signature cold wallets.
Bybit Suffers Largest Hacking Incident in History
This incident has also been labeled as one of the largest hacker attacks on a cryptocurrency exchange in history, accounting for more than 50% of the total value lost in the cryptocurrency market in 2024. The total loss from cryptocurrency market hacks in 2024 reached $2.2 billion, up from $1.8 billion in 2023. This incident also led to the liquidation of about $100 million in the market, further causing a sharp decline in the value of major cryptocurrencies.
Bitcoin (BTC) and Ethereum (ETH) experienced significant declines after the news broke, with Ethereum dropping nearly 4% in less than 4 hours after the hacking attack was confirmed. Bybit CEO Ben Zhou stated that the exchange detected unauthorized activity in its Ethereum cold wallet, and the cold wallet was attacked during the transfer to the hot wallet. The hackers manipulated the transactions to make them appear legitimate, but the transactions contained malicious code that changed the logic of the wallet's smart contract, allowing them to steal the funds.
A blockchain analysis report indicates that over $100 million in funds flowed out of Bybit, with a significant portion of the assets being transferred and sold, triggering an alarm in the crypto community. The stolen funds were primarily Ethereum and staked Ethereum (stETH and mETH), and they were distributed across multiple addresses to avoid tracing. The hackers have started converting the stolen funds into other Ethereum tokens on decentralized exchanges.
This security breach highlights people's concerns about the integration of cryptocurrencies with traditional financial institutions, as well as the need for stronger regulation. It also underscores the vulnerability of even so-called secure cold wallets (not connected to the internet). This incident has sparked a debate in the cryptocurrency community about centralization and decentralization, with some arguing that a well-regulated market is crucial to prevent such massive losses.
Largest Hacking Incidents in History
The following section will provide a detailed analysis of the largest cryptocurrency losses due to hacker attacks or security breaches, ranked by the amount of loss at the time of the attack. The analysis will cover the details of each incident, the attack methods, the responsible parties (if known), the recovery efforts, and the broader impact on the cryptocurrency industry. The information is sourced from global news platforms, blockchain analysis reports, and official statements from the affected entities.
Detailed Incident Analysis
1. Bybit Hacking Incident (February 21, 2025, $146 million)
The Bybit hacking incident occurred on February 21, 2025, setting a new record for the highest loss. Hackers stole over $146 million from the exchange's ETH cold wallet. The attack involved sophisticated phishing techniques, manipulating the signing interface to display a legitimate UI, while simultaneously altering the underlying smart contract logic to divert the funds to unknown addresses. Bybit CEO Ben Zhou confirmed in a X post that only one ETH cold wallet was affected, and other wallets remained secure, with withdrawals proceeding normally. He claimed that even if the loss cannot be recovered, the exchange has the ability to pay, as customer assets are backed 1:1, highlighting the vulnerabilities in cold wallet management and the Gnosis Safe (formerly Safe) multi-signature wallet.
2. Ronin Network Hacking Incident (March 2022, $625 million)
The Ronin Network hacking incident occurred in March 2022, involving an attack on the Axie Infinity game's sidechain validation nodes. The hackers gained control of four validation nodes and authorized two unauthorized withdrawals, stealing 173,600 ETH (approximately $595 million) and 25.5 million USDC ($25.5 million), for a total loss of $625 million. The incident was attributed to the North Korean Lazarus group, and Sky Mavis promised to compensate affected users and strengthen security measures.
3. Poly Network Hacking Incident (August 2021, $611 million)
The Poly Network hacking incident occurred on August 10, 2021, where the hackers exploited a vulnerability in the cross-chain bridge smart contract to steal approximately $611 million worth of various assets, including cryptocurrencies, stablecoins, and other tokens, across Ethereum, Binance Smart Chain, and Polygon. Tether froze $33 million in USDT to mitigate the loss, and the hackers later negotiated with the platform to return most of the funds, with their identity remaining unknown.
4. Binance BNB Bridge Hacking Incident (October 6, 2022, $569 million)
The Binance BNB Bridge hacking incident occurred on October 6, 2022, where the hackers exploited a vulnerability in the BNB Smart Chain cross-chain bridge to steal 2 million BNB tokens, worth approximately $569 million. The attack involved forging proofs to extract the funds. Binance quickly suspended the bridge service and froze a portion of the stolen funds, ultimately limiting the loss to around $100 million, with the rest of the funds being recovered. Binance offered a bounty to track down the hackers.
5. Coincheck Hacking Incident (January 2018, $534 million)
The Coincheck hacking incident occurred on January 26, 2018, where hackers exploited a vulnerability in the hot wallet to steal 523 million NEM tokens, worth approximately $534 million at the time, when the NEM price was around $1.02. The funds were not recovered, and Coincheck used its own resources to compensate customers. The exchange was later acquired by Monex Group in 2018.
6. Mt. Gox Hacking Incident (2014, $473 million)
The Mt. Gox hacking incident occurred in 2014, where hackers stole nearly 750,000 customer bitcoins and 100,000 of the exchange's own bitcoins, totaling 750,000 bitcoins, worth approximately $473 million at the time, which accounted for 7% of the total circulating supply. This led to the exchange's bankruptcy in 2014.
7. FTX Hacking Incident (November 2022, $473 million)
The FTX hacking incident occurred on November 11, 2022, after the exchange filed for bankruptcy. Unauthorized transactions led to the draining of the wallets, resulting in a loss of approximately $473 million, primarily in stablecoins, which were quickly converted to Ethereum.
8. Wormhole Hacking Incident (February 2022, $320 million)
The Wormhole hacking incident occurred on February 2, 2022, where the hackers exploited a vulnerability in the token bridge between Ethereum and Solana to steal 120,000 wETH tokens, worth $320 million. All the funds were later recovered, and Wormhole offered a $10 million bounty.
9. DMM Bitcoin Hacking Incident (May 31, 2024, $308 million)
The DMM Bitcoin hacking incident occurred on May 31, 2024, where the hackers stole 4,502.9 BTC, worth approximately $308 million. According to a joint statement by the FBI and the National Police Agency of Japan (December 23, 2024), the North Korean group TraderTraitor (a Lazarus group offshoot) carried out a social engineering attack, posing as a LinkedIn recruiter to trick a Ginco Inc. employee responsible for managing DMM's trading, into downloading malicious code, which allowed the hackers to control the transaction requests and transfer the funds to their wallets. DMM promised to compensate customers but closed down in December 2024 due to financial pressures.
10. KuCoin Hacking Incident (September 2020, $285 million)
The KuCoin hacking incident occurred on September 25, 2020, where the hackers stole $285 million worth of various cryptocurrency assets. The attack involved a vulnerability in the hot wallet, and KuCoin collaborated with law enforcement and blockchain companies to recover around $240 million, with the remaining $45 million in losses being compensated by the exchange's insurance and its own funds.
Join the official BlockBeats community:
Telegram subscription group: https://t.me/theblockbeats
Telegram discussion group: https://t.me/BlockBeats_App
Twitter official account: https://twitter.com/BlockBeatsAsia
