Author: 1912212.eth, Foresight News

The cryptocurrency industry has long been known for its wealth stories, but the crisis hidden beneath them has begun to surface. Recently, Bybit's cold wallet was hacked for $1.46 billion, the largest single hacking incident in cryptocurrency history. Although it did not have a severe negative impact afterwards, it sounded an alarm for the industry's security. Imagine, the wealth you have earned through great effort can be easily stolen by a skilled hacker with just a few keystrokes...

Security is of paramount importance, and the importance of safeguarding one's wealth cannot be overstated. Hacker attacks are not just a technical issue, but one of the biggest risks that can undermine the very foundation of the cryptocurrency industry.

As of February 2025, the known losses in the cryptocurrency sector in the first quarter have already exceeded $1.5 billion, with 20 hacking incidents, the frequency and magnitude of which are staggering. In contrast, Immunefi's data shows that in the period from the beginning of 2024 to August of that year, the entire industry experienced 154 hacking and theft incidents, resulting in a total loss of $1.21 billion, while in the first 2 months of 2025, the loss amount has already nearly surpassed the same period record.

Shocking Past Hacking Incidents

In the history of cryptocurrency, some protocols or exchanges have faced huge challenges and even disintegration due to hacking incidents.

In August 2021, the Poly Network cross-chain protocol was hacked, with a loss of $611 million (multi-chain assets). The hacker exploited a vulnerability in the smart contract to steal assets from the Ethereum, BNB Chain and Polygon wallets of Poly Network. Interestingly, the hacker claimed to have done it "just for fun" and eventually returned most of the funds (about $300 million unrecovered). The incident revealed the complexity and potential risks of DeFi protocols.

In February 2022, the Wormhole cross-chain bridge was hacked, with a loss of 120,000 wETH. The hacker exploited a vulnerability in the Solana VAA verification to forge messages and mint wrapped ETH out of thin air. The funds were not recovered, shaking the trust in cross-chain protocols.

In March 2022, the Ronin Network cross-chain bridge was hacked, with a loss of 173,600 ETH and 25.5 million USDC, worth $620 million. The hacker gained control of 5 out of 9 Ronin network validators through a 51% attack and stole the cross-chain bridge funds of the Axie Infinity game. The FBI confirmed that the Lazarus group was behind it. The incident exposed the fragility of cross-chain bridges, and Sky Mavis spent years raising funds to compensate users, highlighting the high cost of remediation.

In October 2022, the Binance cross-chain bridge was hacked, with a loss of 2 million BNB. The hacker exploited a vulnerability in the BSC Token Hub smart contract to forge withdrawal proofs and generate BNB out of thin air. Binance quickly froze most of the assets, but still suffered heavy losses. This case prompted the industry to re-examine the security design of cross-chain bridges.

The above are just the most severe and largest hacking security incidents in the past few years, and there are countless others with losses in the hundreds of millions or billions.

In the past few months, the cryptocurrency industry has experienced several serious hacking security incidents.

In February 2025, the stablecoin digital bank Infini lost $49.5 million, as Infini was attacked due to the hacker secretly retaining administrative privileges.

In February 2025, Bybit was hacked for over 510,000 native ETH and various derivative ETH, with a loss of over $1.4 billion. The hacker breached the multi-signature members' devices through UI forgery, social engineering, and a delegatecall vulnerability, and manipulated the cold wallet smart contract to transfer the massive funds. Suspected to be the work of the North Korean Lazarus group.

In November 2024, the Thala Labs DeFi platform was hacked for $25.5 million, which was later fully recovered through the collaboration of white hat hackers and the community. The incident highlighted the potential of DeFi protocols in emergency response, but also exposed the fragility of private key management.

In November 2024, the on-chain trading platform Dexx was hacked, with a loss of 21 million USDT (over $150 million). The attack involved more than 1,000 users and 8,000 addresses, suspected to be due to the platform's private keys being stored and transmitted in plain text, and the possibility of internal involvement cannot be ruled out. The founder promised compensation, and victims filed lawsuits in multiple locations, but the attacker's assets have not been fully transferred.

Why are Hackers so Rampant?

The rampant hacking in the cryptocurrency industry is mainly due to the interweaving of technical, human, economic, and regulatory factors. Technically, the irreversibility of blockchain transactions makes it difficult to recover funds once stolen, and the complexity of smart contracts harbors vulnerabilities, such as the delegatecall issue in the Bybit incident, which gave hackers an opportunity. In addition, human weaknesses are also an important reason, as social engineering attacks have repeatedly succeeded, such as phishing of multi-signature members or insufficient security awareness of employees, rendering the protection system ineffective.

Economically, the high liquidity and anonymity of cryptocurrency assets provide hackers with money laundering convenience, and the huge returns also attract the participation of professional groups like the Lazarus group. The low-risk, high-return nature of the attacks has led to a severe imbalance between attack costs and benefits. Finally, the lack of regulation has further exacerbated the problem. The decentralized nature of the industry provides freedom, but also lacks unified security standards and law enforcement mechanisms, making it difficult to effectively curb hacker activities. These factors have collectively turned the cryptocurrency industry into a playground for hackers, not only challenging technical security, but also threatening user trust and ecosystem development, which the entire industry urgently needs to address.

How do Hackers Threaten the Industry's Foundation?

Hackers' threats to the cryptocurrency industry have penetrated to the very foundation of the industry, shaking its trust, market stability, and development prospects. First, they directly erode user trust. Large-scale theft not only causes retail investors to panic and withdraw, but also makes institutional investors doubt the security of cryptocurrencies, and this trust crisis may trigger a "bank run effect", leading to platform liquidity depletion and even collapse. Secondly, hacker attacks trigger violent market fluctuations. For example, after the $570 million hack of the Binance cross-chain bridge, the BNB price plummeted in the short term, and the panic selling rippled through the entire ecosystem, amplifying the losses of DeFi and exchanges through a chain reaction, further undermining market confidence.

Furthermore, industry development is also impeded. Massive theft cases make potential investors hesitant, slowing the inflow of institutional capital, while developers may reduce innovation attempts due to security pressures, such as cross-chain bridges and smart contract projects facing stricter scrutiny after the Ronin and Wormhole incidents.

At a deeper level, hackers have exposed the industry's technical and governance shortcomings. The irreversibility of blockchains and decentralization, while advantages, become double-edged swords in the face of security. If these root problems are not solved, the long-term reputation and mainstream adoption of the cryptocurrency industry will be limited. Hackers are not only plunderers of funds, but also destroyers of the industry ecosystem, and their threats have gone beyond individual incidents to become systemic risks.

How to Fight Back?

Facing the severe threat of hackers, the cryptocurrency industry can fight back through a multi-pronged approach of technical upgrades, education reinforcement, collaborative mechanisms, and insurance systems. First, the technical layer is the core defense line. The industry needs to strengthen smart contract code audits, promote formal verification tools to ensure vulnerabilities are fixed before launch, and improve multi-signature mechanisms and cold wallet designs to reduce single points of failure. Secondly, enhancing education is crucial. Users and practitioners need to receive systematic security training to identify social engineering scams and reduce the success rate of phishing attacks, while platforms should also popularize best practices for private key management.

In addition, industry collaboration can significantly improve the efficiency of counterattacks. Establishing a real-time threat intelligence sharing network, where exchanges, DeFi projects, and security companies work together to track hacker fund flows, as demonstrated by the Thala Labs case in recovering $25.5 million, has proven the potential of community collaboration. Moderate regulatory involvement can also drive platforms to implement security responsibilities and form a deterrent force.

Finally, the promotion of the cryptocurrency asset insurance mechanism can provide users with a buffer, mitigating the impact of losses, and the practice of KuCoin's insurance to compensate for part of the funds is worth learning from. If these measures can be promoted in coordination, they can not only curb the rampant momentum of hackers, but also turn crises into opportunities, promote the maturity of industry technology and rebuild trust, allowing the cryptocurrency ecosystem to steadily move forward amid challenges.