
Why have hackers become one of the biggest risks in crypto?
TechFlow Selected TechFlow Selected

Why have hackers become one of the biggest risks in crypto?
The hidden enemy of the crypto world, hacker security incidents are stealing industry confidence.
Author: 1912212.eth, Foresight News
The crypto industry has long been known for tales of wealth creation, yet the crises lurking beneath have begun to surface. Recently, Bybit's cold wallet was hacked, resulting in a loss of $1.46 billion—the largest single hacking incident in crypto history. Although no severe negative impact followed, it sounded a major alarm for industry security. Imagine that your hard-earned wealth could be stolen in an instant by skilled hackers with just a few keystrokes...
Security is paramount; safeguarding assets is self-evidently crucial. Hacking attacks are no longer merely technical issues—they represent one of the greatest risks threatening the very foundation of the entire crypto industry.
As of February 2025, known losses in the crypto sector during the first quarter alone exceeded $1.5 billion, with as many as 20 hacking incidents reported. The frequency and scale of these attacks are staggering. For comparison, Immunefi’s data tells the whole story: from January to August 2024, the industry experienced 154 hacking and theft incidents totaling $1.21 billion in losses. In just the first two months of 2025, the financial damage has nearly surpassed that of the same period the previous year.
Past Hacking Incidents Are Shocking
In past crypto history, several protocols or exchanges have faced significant challenges due to hacking incidents, some collapsing entirely.

In August 2021, Poly Network's cross-chain protocol was breached, losing $611 million (in multi-chain assets). Hackers exploited smart contract vulnerabilities to steal funds from Poly Network’s Ethereum, BNB Chain, and Polygon wallets. Strangely, the hacker claimed it was “just for fun” and eventually returned most of the funds (around $300 million remains unrecovered). This incident revealed the complexity and inherent risks within DeFi protocols.
In February 2022, Wormhole’s cross-chain bridge was hacked, losing 120,000 wETH. The attacker exploited a vulnerability in Solana’s VAA verification system to forge messages and mint wrapped ETH out of thin air. The funds were never recovered, shaking trust in cross-chain protocols.
In March 2022, the Ronin Network’s cross-chain bridge was compromised, losing 173,600 ETH and 25.5 million USDC—worth $620 million. The hacker executed a 51% attack, gaining control of five out of nine validators on the Ronin network, thereby stealing funds from Axie Infinity’s cross-chain bridge. The FBI confirmed the involvement of the Lazarus Group. This incident exposed the fragility of cross-chain bridges, and Sky Mavis took years to raise funds to compensate users, highlighting the immense recovery costs.
In October 2022, Binance’s cross-chain bridge was attacked, losing 2 million BNB. Hackers exploited a vulnerability in the BSC Token Hub smart contract to forge withdrawal proofs and generate BNB out of nowhere. Binance quickly froze most of the assets, but the losses were still substantial. This case prompted the industry to reevaluate the security design of cross-chain bridges.
The above examples represent only the more severe and costly hacking incidents over the past few years—countless others involving tens or hundreds of millions in losses are too numerous to list.
In recent months, the crypto industry has witnessed several serious security breaches.
In February 2025, stablecoin digital bank Infini lost $49.5 million. The attack succeeded because hackers secretly retained administrative privileges.
In February 2025, Bybit was robbed of over 510,000 ETH—including native ETH and various derivative ETH products—amounting to over $1.4 billion in losses. Attackers infiltrated multisig members’ devices via UI spoofing, social engineering, and a delegatecall vulnerability, altered the cold wallet smart contract, and transferred massive funds. The North Korean Lazarus Group is suspected.
In November 2024, Thala Labs’ DeFi platform was hacked, losing $25.5 million. Funds were later fully recovered through white-hat hackers and community collaboration. This event highlighted the potential for emergency response within DeFi protocols, while also exposing the fragility of private key management.
In November 2024, the on-chain trading platform Dexx was breached, losing 21 million USDT (over $150 million). Over 1,000 users and 8,000 addresses were affected. The breach likely stemmed from plaintext storage and transmission of platform private keys, with internal involvement not ruled out. The founder pledged compensation, victims filed reports globally, but the attackers’ assets have not been fully traced.
Why Are Hackers So Rampant?
Hackers thrive in the crypto industry due to a complex interplay of technological, human, economic, and regulatory factors. Technologically, the irreversible nature of blockchain transactions makes stolen funds nearly impossible to recover, while the complexity of smart contracts introduces hidden vulnerabilities—such as the delegatecall issue in the Bybit incident—that hackers exploit. Additionally, human weaknesses play a critical role. Social engineering attacks frequently succeed, such as phishing attacks targeting multisig members or insufficient employee security awareness, rendering protective systems ineffective.
Economically, the high liquidity and anonymity of crypto assets facilitate money laundering for hackers. The potential for massive returns attracts professional groups like the Lazarus Group. The low-risk, high-reward environment creates a severe imbalance between attack costs and gains. Finally, regulatory gaps exacerbate the problem. While decentralization grants the industry freedom, it also lacks unified security standards and enforcement mechanisms, making it difficult to effectively curb hacking activities. These combined factors turn the crypto industry into a hacker’s playground, challenging not only technical security but also user trust and ecosystem development—issues the entire industry must urgently confront.
How Hackers Threaten the Industry’s Foundation
Hackers now threaten the very foundation of the crypto industry, undermining trust, market stability, and future growth. First, they directly erode user trust. Large-scale thefts cause retail panic withdrawals and make institutional investors question crypto security. Such trust crises may trigger a "bank run" effect, draining platform liquidity or even causing collapse. Second, hacking incidents provoke severe market volatility. For example, after Binance’s cross-chain bridge lost $570 million, BNB’s price plummeted temporarily, sparking panic selling across the ecosystem. Cascading effects in DeFi and exchanges amplify losses and further weaken market confidence.
Moreover, industry development is hindered. High-profile heists deter potential investors, slow institutional capital inflows, and pressure developers to reduce innovation due to security concerns—cross-chain bridges and smart contract projects face stricter scrutiny following incidents like Ronin and Wormhole.
At a deeper level, hackers expose the industry’s technological and governance shortcomings. While blockchain immutability and decentralization are strengths, they become double-edged swords when it comes to security. If these root issues remain unaddressed, the long-term reputation and mainstream adoption of crypto will be severely limited. Hackers are not just thieves—they are ecosystem destroyers. Their threat extends beyond isolated events, becoming a systemic risk.
How to Fight Back?
Facing this severe threat, the crypto industry can fight back through technological upgrades, enhanced education, collaborative mechanisms, and insurance systems. First, technology is the core defense. The industry must strengthen smart contract code audits, promote formal verification tools to fix vulnerabilities before deployment, and improve multisig mechanisms and cold wallet designs to reduce single points of failure. Second, enhancing education is vital. Users and professionals need systematic security training to recognize social engineering scams and lower phishing success rates. Platforms should also promote best practices in private key management.
Additionally, industry collaboration can significantly boost response effectiveness. Establishing real-time threat intelligence sharing networks enables exchanges, DeFi projects, and security firms to jointly track hacker fund flows. The recovery of $25.5 million in the Thala Labs case demonstrates the power of community collaboration.适度引入监管 can also push platforms to enforce security responsibilities and create deterrence.
Finally, promoting crypto asset insurance mechanisms can cushion user losses and mitigate financial impacts. Practices like KuCoin using insurance to cover part of its losses offer valuable lessons. If these measures are implemented in tandem, they can not only curb rampant hacking but also turn crises into opportunities—driving technological maturity and rebuilding trust, allowing the crypto ecosystem to steadily advance through challenges.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News














