Crypto Hacks Soar to $1.53B in February as Bybit Attack Sets Record

February was a brutal month for cryptocurrency security, with a staggering $1.53 billion lost to hacks, scams, and exploits, according to blockchain security firm CertiK. The primary driver of this surge was the massive $1.4 billion Bybit hack on February 21, now recognized as the largest crypto theft in history.

The FBI and blockchain analysts have linked the attack to North Korea’s Lazarus Group, the same cybercrime syndicate behind the $650 million Ronin bridge hack in March 2022. The attackers reportedly gained control of a Bybit storage wallet, swiftly converting and dispersing the stolen funds across multiple blockchains to obscure their tracks.

Excluding the Bybit incident, crypto-related losses in February still totaled over $126 million, marking a 28.5% increase from January. CertiK’s data indicates that wallet compromises were the leading cause of losses, underscoring ongoing security weaknesses in custodial storage.

Bybit and Other Attacks Shake the Industry

Beyond Bybit, the second-largest exploit in February hit stablecoin payment firm Infini on February 24, resulting in a $49 million loss. CertiK’s report suggested that a developer wallet linked to Infini’s smart contracts retained admin privileges, which were later exploited to drain funds.

“The exploit highlights a major vulnerability, demonstrating how admin privileges can become a single point of failure,” CertiK stated, emphasizing the need for stricter security protocols around private key management.

In an unusual move, Infini offered the hacker a 20% cut of the stolen funds if they returned the rest, promising no legal consequences in exchange. However, the 48-hour deadline passed without any funds being returned. Blockchain data shows that the hacker’s wallet still holds over 17,000 ETH, worth approximately $43 million.

The third-largest attack in February targeted ZkLend, which suffered a $10 million exploit on February 12. Details of the attack remain scarce, but the breach added to the growing concerns over DeFi vulnerabilities.

Crypto Security Concerns Intensify

February’s surge in crypto-related hacks is alarming, especially given the declining trend observed in late 2023. Losses had been falling, with December 2024 seeing just $28.6 million stolen, down from $63.8 million in November and $115.8 million in October.

CertiK warns that wallet security and smart contract vulnerabilities remain the biggest risks in the space, urging exchanges and protocols to adopt stronger security measures before another major breach shakes the industry.