Original author: 1912212.eth, Foresight News
The crypto industry has always been famous for all kinds of wealth stories, and the crisis hidden underneath has begun to emerge. Recently, $1.46 billion was stolen from the bybit cold wallet, becoming the largest single hacking incident in the history of cryptocurrencies. Although it did not cause serious negative impact afterwards, it sounded a wake-up call for industry security. Imagine that the wealth you have earned through untold hardships is easily stolen by a highly skilled hacker with just a few taps on the keyboard...
Security is of paramount importance, and the importance of protecting wealth is self-evident. Hacker attacks are no longer just a technical issue, but one of the biggest risks that shakes the foundation of the entire encryption industry.
As of February 2025, the known losses in the encryption field in the first quarter exceeded $1.5 billion, and there were 20 hacking incidents. The frequency of attacks is high and the losses are huge. In contrast, the data of immunefi speaks for itself. From the beginning of 2024 to August of that year, there were 154 hacking attacks and thefts in the entire industry, causing a total loss of $1.21 billion. In just two months of 2025, the amount of losses has almost exceeded the record of the same period.
Past hacking incidents are shocking
In the past history of encryption, some protocols or exchanges have faced huge challenges due to hacking incidents, and even collapsed.
In August 2021, the Poly Network cross-chain protocol was stolen, resulting in a loss of $611 million (multi-chain assets). Hackers exploited smart contract vulnerabilities to steal assets from Poly Networks Ethereum, BNB chain, and Polygon wallet. Strangely, the hacker claimed that it was just for fun and eventually returned most of the funds (about 300 million were not recovered). The incident revealed the complexity and potential risks of the DeFi protocol.
In February 2022, the Wormhole cross-chain bridge was stolen, and 120,000 wETH were lost. Hackers used the Solana VAA verification vulnerability to forge messages and mint wrapped ETH out of thin air. The funds were not recovered, and the incident shook the trust in the cross-chain protocol.
In March 2022, the Ronin network cross-chain bridge was stolen, resulting in the loss of 173,600 ETH and 25.5 million USDC, worth $620 million. Hackers controlled 5 of the 9 validators of the Ronin network through a 51% attack and stole the cross-chain bridge funds of the Axie Infinity game. The FBI confirmed that the Lazarus Group was behind it. The incident exposed the vulnerability of the cross-chain bridge. Sky Mavis spent several years raising funds to compensate users, highlighting the high cost of repair.
In October 2022, Binances cross-chain bridge was stolen, resulting in a loss of 2 million BNB. Hackers used a vulnerability in the BSC Token Hub smart contract to forge withdrawal certificates and generate BNB out of thin air. Binance quickly froze most of the assets, but still suffered heavy losses. This case prompted the industry to re-examine the security design of cross-chain bridges.
The above are only some of the more serious and loss-making hacker security incidents in the past few years. There are countless other losses of millions or tens of millions.
In recent months, the encryption industry has seen several serious hacking security incidents.
In February 2025, the stablecoin digital bank Infini lost $49.5 million. Infini was attacked because hackers secretly retained administrative privileges.
In February 2025, more than 510,000 native ETH and various derivative ETH were stolen from Bybit, with a loss of more than $1.4 billion. Hackers used UI forgery, social engineering and delegatecall vulnerabilities to break into multi-signature member devices, tamper with cold wallet smart contracts, and transfer huge amounts of funds. It is suspected that the North Korean Lazarus Group was responsible.
In November 2024, $25.5 million was stolen from the Thala Labs DeFi platform, which was subsequently recovered in full through white hat hackers and community collaboration. The incident highlighted the potential of the DeFi protocol in emergency response, but also exposed the vulnerability of private key management.
In November 2024, the on-chain trading platform Dexx was stolen, with a loss of 21 million USDT (over 150 million USD). The attack involved more than 1,000 users and more than 8,000 addresses. It is suspected that the platforms private key was leaked due to plaintext storage and transmission, and the suspicion of internal crime has not been ruled out. The founder promised compensation, and the victims filed cases in many places, but the attackers assets have not been fully transferred.
Why are hackers so rampant?
The reason why hackers are so rampant in the crypto industry is mainly due to the interweaving of multiple factors such as technology, human nature, economy and regulation. From a technical point of view, the irreversibility of blockchain transactions makes it difficult to recover funds once they are stolen, and the complexity of smart contracts hides loopholes, such as the delegatecall problem in the Bybit incident, which gave hackers an opportunity to take advantage. In addition, human weaknesses are also an important reason. Social engineering attacks have been successful many times, such as multi-signature members being phished or employees lacking security awareness, resulting in a defense system that is ineffective.
On the economic level, the high liquidity and anonymity of crypto assets provide hackers with convenience for money laundering, and the huge returns have attracted the participation of professional gangs such as the Lazarus Group. The low-risk and high-return characteristics have caused a serious imbalance between the cost and benefits of attacks. Finally, the lack of supervision has further magnified the problem. Although the decentralized nature has given the industry freedom, it also lacks unified security standards and law enforcement mechanisms, making it difficult to effectively curb hacker activities. These factors work together to make the crypto industry a paradise for hackers, which not only challenges technical security, but also threatens user trust and ecological development. The entire industry needs to face up to and respond to it.
How hackers threaten the foundations of industry
The threat posed by hackers to the crypto industry has penetrated the foundation of the industry, shaking its trust, market stability and development prospects. First, they directly erode user trust. Large-scale thefts not only cause retail investors to panic and withdraw funds, but also make institutional investors doubt the security of cryptocurrencies. This crisis of trust may trigger a bank run effect, leading to the depletion of platform liquidity or even bankruptcy. Secondly, hacker attacks cause drastic market fluctuations. For example, after the Binance cross-chain bridge was stolen for $570 million, the price of BNB plummeted in a short period of time, and panic selling spread to the entire ecosystem. The chain reaction of DeFi and exchanges amplified the losses, further weakening market confidence.
In addition, the development of the industry has also been hindered. Huge thefts have discouraged potential investors, institutional capital inflows have slowed down, and developers may reduce innovative attempts due to security pressure. For example, cross-chain bridges and smart contract projects have faced stricter scrutiny after the Ronin and Wormhole incidents.
More deeply, hackers have exposed the industrys technical and governance shortcomings. Although the irreversibility and decentralization of blockchain are advantages, they are a double-edged sword in terms of security. If these root problems are not resolved, the long-term credibility and mainstream adoption of the crypto industry will be limited. Hackers are not only financial plunderers, but also destroyers of the industry ecosystem. Their threats have gone beyond a single incident and become a systemic risk.
How to fight back?
Faced with the severe threat of hackers, the crypto industry can fight back through technology upgrades, education enhancement, collaboration mechanisms and insurance systems. First, the technical level is the core line of defense. The industry needs to strengthen the code audit of smart contracts, promote formal verification tools, ensure that vulnerabilities are fixed before going online, and improve the multi-signature mechanism and cold wallet design to reduce single points of failure. Secondly, it is crucial to enhance education efforts. Users and practitioners need to receive systematic security training, identify social engineering scams, and reduce the success rate of phishing attacks. Platforms should also popularize the best practices of private key management.
In addition, industry collaboration can significantly improve the efficiency of counterattacks and establish a real-time threat intelligence sharing network, allowing exchanges, DeFi projects and security companies to jointly track the flow of hacker funds. For example, the case of Thala Labs recovering $25.5 million proves the potential of community collaboration; the moderate introduction of supervision can also promote the platform to fulfill its security responsibilities and form a deterrent.
Finally, promoting the crypto asset insurance mechanism can provide users with a buffer and reduce the impact of losses. The practice of insurance compensating part of the funds in the KuCoin incident is worth learning from. If these measures can be promoted in a coordinated manner, they can not only curb the rampant momentum of hackers, but also turn crises into opportunities, promote the maturity of industry technology and the reconstruction of trust, and allow the crypto ecosystem to move forward steadily amid challenges.
