Crypto lost to exploits, scams, hits $1.5B in February with Bybit hack: CertiK

March 3, 2025 CryptoExpert Altcoin
NiceHash
Crypto lost to exploits, scams, hits $1.5B in February with Bybit hack: CertiK
Changelly


Losses to crypto scams, exploits and hacks totaled nearly $1.53 billion in February, with the $1.4 billion Bybit hack accounting for the lionโ€™s share of losses, said blockchain security firm CertiK.

The Feb. 21 attack on Bybit by North Koreaโ€™s Lazarus Group was the largest crypto hack ever, more than doubling the $650 million Ronin bridge hack in March 2022, โ€œwhich was also conducted by Lazarus,โ€ CertiK said in a Feb. 28 X post.

Februaryโ€™s lost crypto amount is a nearly 1,500% jump from the $98 million recorded by CertiK in January. However, excluding Bybitโ€™s losses, the remaining crypto losses last month totaled over $126 million, still a 28.5% jump.

Bybit had the largest loss in February, followed by stablecoin payment firm Infini and then the decentralized money lending protocol ZkLend. Source: CertiK

Bybit said that the attackers took control of a storage wallet. The FBI later confirmed industry reports that North Korea was behind the attack and had started to convert the stolen crypto and disperse it โ€œacross thousands of addresses on multiple blockchains.โ€

okex

CertiK added that the second most significant incident of the month was the Feb. 24 hack on stablecoin payment firm Infini that stole $49 million.

In a Feb. 27 report, CertiK said a key wallet used in the attack had previously been involved in developing Infini contracts and had retained admin rights used to redeem all Vault tokens.

โ€œThe exploit highlights a major vulnerability, demonstrating how admin privileges can become a single point of failure,โ€ CertiKโ€™s report reads. โ€œOne fundamental aspect of blockchain security is understanding how to protect your private keys.โ€

The Infini team did offer the hacker a chance to hold onto 20% of the stolen loot if the remainder was returned, along with a guarantee that the hacker wouldnโ€™t face any legal consequences.

There was a 48-hour deadline, which has long since passed, and according to Etherscan, the wallet used by the hacker still has a balance of over 17,000 Ether (ETH) worth $43 million.

Cryptocurrencies, Hackers, Scams, Data

Source: Infini

No public announcement has been made on whether the hacker plans to accept the offer and return any funds.

Related: Bybit hackers resume laundering activities, moving another 62,200 ETH

Decentralized money lending protocol ZkLend suffered the third-largest exploit for February, when it lost $10 million to hackers on Feb. 12.

Overall, CertiK says the top category for losses in February was wallet compromises, followed by code vulnerabilities, which resulted in $20 million in losses, and then phishing, which saw hackers steal $1.8 million.

Losses to crypto scams, exploits and hacks were declining in the final days of 2024, with December registering the smallest amount stolen at $28.6 million, compared to $63.8 million in November and $115.8 million in October.

Magazine: SCB tips $500K BTC, SEC delays Ether ETF options, and more: Hodlerโ€™s Digest, Feb. 23 โ€“March. 1



Source link

fiverr

Be the first to comment

Leave a Reply

Your email address will not be published.


*