Crypto Hacks Skyrocket by 1500% in February
According to blockchain security firm CertiK, crypto hacks in February 2025 resulted in losses of approximately $1.5 billion.
The biggest blow hit the popular crypto exchange Bybit, where hackers stole approximately $1.44 billion. U.S. law enforcement agencies suspect the North Korean Lazarus Group was behind the attack, marking it as the largest crypto hack in history. For comparison, the notorious Mt. Gox hack in 2014 resulted in the loss of 800,000 BTC, valued at $470 million at the time of its bankruptcy filing.
According to CertiK analysts, total losses surged by nearly 1500% compared to January, when damages amounted to $98 million. Even without factoring in the Bybit breach, losses still increased by 28.5%, reaching $126 million. Other affected projects included crypto neobank Infini ($49.5 million) and the decentralized lending protocol zkLend ($9.5 million), further highlighting the growing security threats in the crypto industry.
Bybit Crypto Exchange Hack
The attack on Bybit was truly unprecedented. The Lazarus Group used social engineering, interface manipulation, and smart contract spoofing to siphon funds in multiple stages. The FBI confirmed North Korea’s involvement, highlighting the geopolitical implications of recent cybercrimes.
This incident once again exposed the vulnerabilities of even major centralized platforms, particularly in terms of management system security and human error risks. However, Bybit’s rapid and effective response was widely recognized. The exchange managed to mitigate the impact without suspending withdrawals and fully compensated affected users. Many called this one of the best crisis management strategies in the crypto industry.
Related: eXch Caught in Crypto Crime Allegations—Bybit Hack Connection?
Analysts compare the Bybit hack to the March 2022 attack on Ronin Bridge, where the Lazarus Group stole $620 million using similar techniques. However, the Bybit breach nearly doubled that record, highlighting the advancement of hacking tactics and the strategic selection of targets. This is particularly evident with Lazarus, which has been responsible for nearly every major crypto-related cyberattack in recent years.
Infini Neobank Hack
A notable but slightly less severe incident was the $49 million hack of the crypto neobank Infini, which took place shortly after the Bybit breach. The attacker was a former company developer who had retained administrative access to a key wallet. The Infini team attempted to negotiate with the hacker, offering to let him keep 20% of the stolen funds in exchange for returning the rest and avoiding legal consequences.
We are closely monitoring the address involved and are prepared to take immediate action to freeze any stolen funds if necessary,
the developers stated.
However, the proposed deadline has long passed, and according to Etherscan, the hacker’s wallet still holds approximately 17,000 ETH ($43 million). It appears that he has refused to cooperate, though his next steps remain unclear. Most likely, he will attempt to launder the funds through crypto mixers and decentralized exchanges, a common strategy among cybercriminals.
Impact and the Future of Crypto Security
A detailed analysis of February’s losses shows that the most common attack methods were:
- Wallet compromises ($1.5 billion)
- Smart contract vulnerabilities ($20 million)
- Phishing attacks ($1.8 million)
Although losses declined toward the end of 2024 ($28.6 million in December compared to $63.8 million in November), the spike in February 2025 proves that cybercriminal activity remains a persistent and growing threat.
Related: Social Engineering in Crypto: Top 5 Fraud Schemes
In light of these events, CertiK analysts are urging crypto exchanges and developers to reassess their security strategies. Key recommendations include tightening internal access policies, implementing multifactor authentication, adopting advanced cryptographic protocols, and enhancing cooperation with law enforcement agencies.
Moreover, there is a growing need for cybersecurity education initiatives to help both users and industry professionals reduce the risk of future attacks.
The content on The Coinomist is for informational purposes only and should not be interpreted as financial advice. While we strive to provide accurate and up-to-date information, we do not guarantee the accuracy, completeness, or reliability of any content. Neither we accept liability for any errors or omissions in the information provided or for any financial losses incurred as a result of relying on this information. Actions based on this content are at your own risk. Always do your own research and consult a professional. See our Terms, Privacy Policy, and Disclaimers for more details.
Articles by this author
