Why Have Hackers Become One of the Biggest Risks in Cryptocurrency?
The cryptocurrency industry has long been known for its wealth-building stories, but beneath these success tales, a growing crisis is emerging. Recently, Bybit’s cold wallet was hacked, resulting in a loss of $1.46 billion—making it the largest single hacking event in the history of crypto. While the incident didn’t lead to significant negative consequences, it served as a stark reminder of the industry’s security vulnerabilities. Imagine this: your hard-earned wealth, easily stolen by a hacker with advanced technical skills, just by pressing a few keys…
The importance of security cannot be overstated, and protecting your wealth is critical. Hacking attacks have evolved beyond just a technical issue; they have become one of the most significant risks threatening the very foundation of the cryptocurrency industry.
As of February 2025, the known losses in the crypto sector for Q1 have already exceeded $1.5 billion, with 20 reported hacking incidents—highlighting an alarming frequency and scale of attacks. For context, data from Immunefi paints a clear picture: from the start of 2024 to August of that year, there were 154 hacking and theft incidents across the industry, leading to losses of $1.21 billion. In just the first two months of 2025, losses have almost already surpassed that entire record.
Shocking Past Hacking Incidents
In the history of cryptocurrency, some protocols or exchanges have faced huge challenges due to hacking incidents, and some even collapsed completely.
In August 2021, the Poly Network cross-chain protocol was hacked, with a loss of $611 million (multi-chain assets). The hacker exploited a smart contract vulnerability to steal assets from Poly Network’s Ethereum, BNB Chain, and Polygon wallets. Interestingly, the hacker claimed it was “just for fun” and eventually returned most of the funds (about $300 million was not recovered). This incident revealed the complexity and potential risks of DeFi protocols.
In February 2022, the Wormhole cross-chain bridge was hacked, with a loss of 120,000 wETH. The hacker exploited a vulnerability in the Solana VAA verification and forged messages to mint wrapped ETH out of thin air. The funds were not recovered, and the incident shook the trust in cross-chain protocols.
In March 2022, the Ronin Network cross-chain bridge was hacked, with a loss of 173,600 ETH and 25.5 million USDC, totaling $620 million. The hacker gained control of 5 out of 9 validators in the Ronin network through a 51% attack, stealing funds from the Axie Infinity game’s cross-chain bridge. The FBI confirmed it was the Lazarus Group behind the attack. This incident exposed the vulnerabilities of cross-chain bridges, and Sky Mavis spent years raising funds to compensate users, highlighting the high cost of fixing such issues.
In October 2022, the Binance cross-chain bridge was hacked, with a loss of 2 million BNB. The hacker exploited a BSC Token Hub smart contract vulnerability to forge withdrawal proofs and mint BNB out of thin air. Binance quickly froze most of the assets, but the losses were still significant. This incident prompted the industry to reconsider the security design of cross-chain bridges.
The above incidents are just some of the major hacking events in the past few years, with losses in the millions and tens of millions. There have been countless other incidents with losses in the hundreds of thousands or millions.
In recent months, several serious hacking security incidents have occurred in the cryptocurrency industry.
In February 2025, the stablecoin digital bank Infini lost $49.5 million. The attack on Infini was due to hackers secretly retaining administrative privileges.
In February 2025, Bybit was hacked, and over 510,000 ETH (native ETH and various derivative ETH) were stolen, with a total loss exceeding $1.4 billion. The hacker used UI spoofing, social engineering, and a delegatecall vulnerability to break into multi-signature member devices, modify the cold wallet smart contract, and transfer large amounts of funds. It is suspected to be the work of the North Korean Lazarus Group.
In November 2024, the Thala Labs DeFi platform was hacked, with a loss of $25.5 million. The funds were later fully recovered through white-hat hackers and community collaboration. The incident highlighted the potential of DeFi protocols in emergency response and exposed the vulnerabilities of private key management.
In November 2024, the on-chain trading platform Dexx was hacked, with a loss of 21 million USDT (over $150 million). The attack involved over 1,000 users and more than 8,000 addresses. It is suspected that the platform’s private keys were stored and transmitted in plaintext, leading to a leak, and internal involvement is not ruled out. The founder promised compensation, and victims have filed cases in multiple locations, but the attacker’s assets have not yet been fully transferred.
Why Are Hackers So Rampant?
The surge in hacking incidents within the cryptocurrency industry can be attributed to a combination of technological, human, economic, and regulatory factors. From a technical perspective, the irreversibility of blockchain transactions makes it extremely difficult to recover stolen funds. The complexity of smart contracts often conceals hidden vulnerabilities, such as the delegatecall issue in the Bybit hack, providing hackers with opportunities to exploit them. Human vulnerabilities also play a significant role—social engineering attacks are often successful. For example, multi-signature members may fall victim to phishing attacks, or employees may lack adequate security awareness, which renders defense systems ineffective.
On the economic side, the high liquidity and anonymity of crypto assets make it easier for hackers to launder stolen funds. The prospect of massive returns has drawn in professional hacker groups like the Lazarus Group, whose low-risk, high-reward approach creates a dangerous imbalance between the costs and benefits of cyberattacks. Lastly, the absence of robust regulation exacerbates the problem. While the decentralized nature of the crypto space offers freedom, it also lacks standardized security protocols and enforcement mechanisms, making it difficult to curb hacker activities effectively. Together, these factors have turned the crypto industry into a playground for hackers, challenging not just the technical security of platforms but also eroding user trust and threatening the growth of the ecosystem. It’s now critical for the entire industry to confront these issues and take action.
How Do Hackers Threaten the Industry’s Core?
Hackers have become a direct threat to the very foundation of the cryptocurrency industry, undermining trust, market stability, and long-term growth prospects. First and foremost, they erode user trust. Large-scale thefts not only drive retail investors into panic, prompting them to withdraw their funds, but they also cause institutional investors to question the overall security of the crypto space. This crisis of trust can trigger a “run on the bank” effect, depleting platform liquidity and even leading to collapse. Second, hacker attacks often cause sharp market fluctuations. For example, after the $570 million theft from Binance’s cross-chain bridge, the price of BNB dropped dramatically, triggering panic selling across the ecosystem. The resulting chain reaction in DeFi and exchanges amplified losses, further damaging market confidence.
Furthermore, the industry’s development is being hindered. Massive thefts make potential investors wary, slowing the flow of institutional capital, while developers may scale back their innovation efforts due to security concerns. After incidents like the Ronin and Wormhole hacks, cross-chain bridges and smart contract projects are facing much stricter scrutiny.
On a deeper level, hackers have exposed the industry’s technical and governance weaknesses. While the irreversibility of blockchain transactions and decentralization are often seen as advantages, they become double-edged swords when it comes to security. If these foundational issues are not addressed, the crypto industry’s long-term credibility and mainstream adoption will remain limited. Hackers are not just stealing funds; they are damaging the ecosystem itself. Their threat has grown beyond isolated incidents to become a systemic risk to the entire industry.
How Can We Fight Back?
To counter the severe threat posed by hackers, the cryptocurrency industry can adopt a multifaceted approach involving technological upgrades, enhanced education, collaborative efforts, and insurance systems. The first line of defense is technology. The industry needs to focus on strengthening smart contract code audits, using formal verification tools to catch vulnerabilities before deployment, and improving multi-sign mechanisms and cold wallet designs to minimize single points of failure.
Next, education is key. Users and professionals need to undergo systematic security training to identify social engineering scams, thereby reducing the success rate of phishing attacks. Platforms should also emphasize best practices for private key management.
Additionally, collaboration within the industry can greatly improve the response to security threats. A real-time threat intelligence-sharing network should be established so that exchanges, DeFi projects, and security firms can collectively track hacker funds. The recovery of $25.5 million by Thala Labs is a good example of how community collaboration can work. Introducing a moderate level of regulation can also encourage platforms to take security seriously and act as a deterrent.
Finally, promoting cryptocurrency insurance mechanisms could provide a safety net for users, helping to soften the blow of any losses. The approach taken by KuCoin, which used insurance to compensate some of the stolen funds, serves as a good model. If these measures can work together, they can not only halt the growth of hacker activities but also turn the current crisis into an opportunity for the industry. This will foster technological advancement and rebuild trust, enabling the crypto ecosystem to move forward more securely and confidently through these challenges.
Disclaimer:
- This article is reprinted from [ForesightNews], and the copyright belongs to the original author [1912212.eth, Foresight News]. If there are any objections to the reprint, please contact the Gate Learn team, and the team will process it according to the relevant procedures.
- Disclaimer: The views and opinions expressed in this article represent only the author’s personal views and do not constitute any investment advice.
- Other language versions of this article were translated by the Gate Learn team. No part of the translated article may be copied, distributed, or reproduced without proper attribution to Gate.io.
Related articles
What Is Ethereum 2.0? Understanding The Merge
What Is a Cold Wallet?
What is Tronscan and How Can You Use it?
Why Have Hackers Become One of the Biggest Risks in Cryptocurrency?
Shocking Past Hacking Incidents
Why Are Hackers So Rampant?
How Do Hackers Threaten the Industry’s Core?
How Can We Fight Back?
The cryptocurrency industry has long been known for its wealth-building stories, but beneath these success tales, a growing crisis is emerging. Recently, Bybit’s cold wallet was hacked, resulting in a loss of $1.46 billion—making it the largest single hacking event in the history of crypto. While the incident didn’t lead to significant negative consequences, it served as a stark reminder of the industry’s security vulnerabilities. Imagine this: your hard-earned wealth, easily stolen by a hacker with advanced technical skills, just by pressing a few keys…
The importance of security cannot be overstated, and protecting your wealth is critical. Hacking attacks have evolved beyond just a technical issue; they have become one of the most significant risks threatening the very foundation of the cryptocurrency industry.
As of February 2025, the known losses in the crypto sector for Q1 have already exceeded $1.5 billion, with 20 reported hacking incidents—highlighting an alarming frequency and scale of attacks. For context, data from Immunefi paints a clear picture: from the start of 2024 to August of that year, there were 154 hacking and theft incidents across the industry, leading to losses of $1.21 billion. In just the first two months of 2025, losses have almost already surpassed that entire record.
Shocking Past Hacking Incidents
In the history of cryptocurrency, some protocols or exchanges have faced huge challenges due to hacking incidents, and some even collapsed completely.
In August 2021, the Poly Network cross-chain protocol was hacked, with a loss of $611 million (multi-chain assets). The hacker exploited a smart contract vulnerability to steal assets from Poly Network’s Ethereum, BNB Chain, and Polygon wallets. Interestingly, the hacker claimed it was “just for fun” and eventually returned most of the funds (about $300 million was not recovered). This incident revealed the complexity and potential risks of DeFi protocols.
In February 2022, the Wormhole cross-chain bridge was hacked, with a loss of 120,000 wETH. The hacker exploited a vulnerability in the Solana VAA verification and forged messages to mint wrapped ETH out of thin air. The funds were not recovered, and the incident shook the trust in cross-chain protocols.
In March 2022, the Ronin Network cross-chain bridge was hacked, with a loss of 173,600 ETH and 25.5 million USDC, totaling $620 million. The hacker gained control of 5 out of 9 validators in the Ronin network through a 51% attack, stealing funds from the Axie Infinity game’s cross-chain bridge. The FBI confirmed it was the Lazarus Group behind the attack. This incident exposed the vulnerabilities of cross-chain bridges, and Sky Mavis spent years raising funds to compensate users, highlighting the high cost of fixing such issues.
In October 2022, the Binance cross-chain bridge was hacked, with a loss of 2 million BNB. The hacker exploited a BSC Token Hub smart contract vulnerability to forge withdrawal proofs and mint BNB out of thin air. Binance quickly froze most of the assets, but the losses were still significant. This incident prompted the industry to reconsider the security design of cross-chain bridges.
The above incidents are just some of the major hacking events in the past few years, with losses in the millions and tens of millions. There have been countless other incidents with losses in the hundreds of thousands or millions.
In recent months, several serious hacking security incidents have occurred in the cryptocurrency industry.
In February 2025, the stablecoin digital bank Infini lost $49.5 million. The attack on Infini was due to hackers secretly retaining administrative privileges.
In February 2025, Bybit was hacked, and over 510,000 ETH (native ETH and various derivative ETH) were stolen, with a total loss exceeding $1.4 billion. The hacker used UI spoofing, social engineering, and a delegatecall vulnerability to break into multi-signature member devices, modify the cold wallet smart contract, and transfer large amounts of funds. It is suspected to be the work of the North Korean Lazarus Group.
In November 2024, the Thala Labs DeFi platform was hacked, with a loss of $25.5 million. The funds were later fully recovered through white-hat hackers and community collaboration. The incident highlighted the potential of DeFi protocols in emergency response and exposed the vulnerabilities of private key management.
In November 2024, the on-chain trading platform Dexx was hacked, with a loss of 21 million USDT (over $150 million). The attack involved over 1,000 users and more than 8,000 addresses. It is suspected that the platform’s private keys were stored and transmitted in plaintext, leading to a leak, and internal involvement is not ruled out. The founder promised compensation, and victims have filed cases in multiple locations, but the attacker’s assets have not yet been fully transferred.
Why Are Hackers So Rampant?
The surge in hacking incidents within the cryptocurrency industry can be attributed to a combination of technological, human, economic, and regulatory factors. From a technical perspective, the irreversibility of blockchain transactions makes it extremely difficult to recover stolen funds. The complexity of smart contracts often conceals hidden vulnerabilities, such as the delegatecall issue in the Bybit hack, providing hackers with opportunities to exploit them. Human vulnerabilities also play a significant role—social engineering attacks are often successful. For example, multi-signature members may fall victim to phishing attacks, or employees may lack adequate security awareness, which renders defense systems ineffective.
On the economic side, the high liquidity and anonymity of crypto assets make it easier for hackers to launder stolen funds. The prospect of massive returns has drawn in professional hacker groups like the Lazarus Group, whose low-risk, high-reward approach creates a dangerous imbalance between the costs and benefits of cyberattacks. Lastly, the absence of robust regulation exacerbates the problem. While the decentralized nature of the crypto space offers freedom, it also lacks standardized security protocols and enforcement mechanisms, making it difficult to curb hacker activities effectively. Together, these factors have turned the crypto industry into a playground for hackers, challenging not just the technical security of platforms but also eroding user trust and threatening the growth of the ecosystem. It’s now critical for the entire industry to confront these issues and take action.
How Do Hackers Threaten the Industry’s Core?
Hackers have become a direct threat to the very foundation of the cryptocurrency industry, undermining trust, market stability, and long-term growth prospects. First and foremost, they erode user trust. Large-scale thefts not only drive retail investors into panic, prompting them to withdraw their funds, but they also cause institutional investors to question the overall security of the crypto space. This crisis of trust can trigger a “run on the bank” effect, depleting platform liquidity and even leading to collapse. Second, hacker attacks often cause sharp market fluctuations. For example, after the $570 million theft from Binance’s cross-chain bridge, the price of BNB dropped dramatically, triggering panic selling across the ecosystem. The resulting chain reaction in DeFi and exchanges amplified losses, further damaging market confidence.
Furthermore, the industry’s development is being hindered. Massive thefts make potential investors wary, slowing the flow of institutional capital, while developers may scale back their innovation efforts due to security concerns. After incidents like the Ronin and Wormhole hacks, cross-chain bridges and smart contract projects are facing much stricter scrutiny.
On a deeper level, hackers have exposed the industry’s technical and governance weaknesses. While the irreversibility of blockchain transactions and decentralization are often seen as advantages, they become double-edged swords when it comes to security. If these foundational issues are not addressed, the crypto industry’s long-term credibility and mainstream adoption will remain limited. Hackers are not just stealing funds; they are damaging the ecosystem itself. Their threat has grown beyond isolated incidents to become a systemic risk to the entire industry.
How Can We Fight Back?
To counter the severe threat posed by hackers, the cryptocurrency industry can adopt a multifaceted approach involving technological upgrades, enhanced education, collaborative efforts, and insurance systems. The first line of defense is technology. The industry needs to focus on strengthening smart contract code audits, using formal verification tools to catch vulnerabilities before deployment, and improving multi-sign mechanisms and cold wallet designs to minimize single points of failure.
Next, education is key. Users and professionals need to undergo systematic security training to identify social engineering scams, thereby reducing the success rate of phishing attacks. Platforms should also emphasize best practices for private key management.
Additionally, collaboration within the industry can greatly improve the response to security threats. A real-time threat intelligence-sharing network should be established so that exchanges, DeFi projects, and security firms can collectively track hacker funds. The recovery of $25.5 million by Thala Labs is a good example of how community collaboration can work. Introducing a moderate level of regulation can also encourage platforms to take security seriously and act as a deterrent.
Finally, promoting cryptocurrency insurance mechanisms could provide a safety net for users, helping to soften the blow of any losses. The approach taken by KuCoin, which used insurance to compensate some of the stolen funds, serves as a good model. If these measures can work together, they can not only halt the growth of hacker activities but also turn the current crisis into an opportunity for the industry. This will foster technological advancement and rebuild trust, enabling the crypto ecosystem to move forward more securely and confidently through these challenges.
Disclaimer:
- This article is reprinted from [ForesightNews], and the copyright belongs to the original author [1912212.eth, Foresight News]. If there are any objections to the reprint, please contact the Gate Learn team, and the team will process it according to the relevant procedures.
- Disclaimer: The views and opinions expressed in this article represent only the author’s personal views and do not constitute any investment advice.
- Other language versions of this article were translated by the Gate Learn team. No part of the translated article may be copied, distributed, or reproduced without proper attribution to Gate.io.
Related articles
What Is Ethereum 2.0? Understanding The Merge
What Is a Cold Wallet?