Bybit, a major player in the crypto market, was hacked on the 21st of February 2025. In a tweet sent by Bybit it states that the hack happened during a transfer of funds from an ETH multisignature cold wallet (a cryptocurrency wallet not connected to the internet) to a warm wallet .
“The hackers manipulated and masked the signing interface, displaying the correct address while altering the underlying smart contract logic,” the tweet said. This hack led to Bybit losing $1.5 billion, a figure that is speculated to be the biggest heist of all.
Since the launch of cryptocurrency in 2009, the crypto industry has suffered a list of major hacks prior to the Bybit incident. Due to the dynamic nature of the cryptocurrency space, the figures of the hacks sometimes differ from the actual amount declared during the hack when new information comes up.
In March 2022, Ronin network suffered a $615million hack. The network powered a popular mobile game Axie infinity, where players fight cartoon pets called axis to earn cryptocurrency and non-fungible tokens (NFTs).
In a news article with BBC, the company states that the hacker transferred $540 million worth of cryptocurrency six days prior to when the hack was noticed. Upon investigation, it was discovered that the total hack amounted to $615 million. This was dubbed the second largest hack.
Wormhole, a cryptocurrency network, suffered a heist of $320 million in February 2022. It was discovered that the hackers exploited vulnerabilities in the systems code and were able to create 120,000 “wrapped” ethereum tokens without disrupting the Ethereum blockchain.
Poly network, a Cross-chain decentralized finance platform (DeFi), suffered a hack of $610 million worth of crypto tokens in August 2021. According to SlowMist, a cybersecurity firm and security researcher Kelvin Fitcher, the hack was determined to be made possible by a mismanagement of access rights between two PolySmart contracts. The assets were however returned six days after the heist.
The hackers stated their reason for the hack to have been motivated by showing the network its vulnerabilities and securing the Poly network.
In January 2018, a Japanese cryptocurrency exchange Coincheck suffered a hack that led to a loss of $534 million. The attack was directed to one of its “hot wallets” (a crypto storage solution that is connected to the internet). At the time speculations were raised by the South Korean intelligence agency that the hack was carried out by North Korea.
Mt. Gox, a bitcoin exchange based in Tokyo, Japan which handled 70% of all bitcoin transactions worldwide in early 2014 abruptly stopped all operations after suffering a hack that led to the loss of 650,000 to 850,000 bitcoins. Although the figures kept varying as more information was revealed.
This led to the company declaring bankruptcy and after a decade post-hack, the company began repaying bitcoin to affected customers. The worth of the hack at the time was valued at $500 million.
The recent Bybit hack, tops the list for the most amount of money stolen from a crypto heist. Bybit CEO Ben Zhou has however reassured users that other Bybit cold wallets remain secure and the exchange is still financially stable. Ben Zhou said “the exchange is solvent even if this hack loss is not recovered” and that all services will continue without disruption.
Zhou further stated that Bybit’s security team and other blockchain forensic experts and partners are actively working on investigating the incident, he also extended partnership to any team with expertise in blockchain analysis and fund recovery.
Zhou assured the general public and users stating “Transparency and security remain our top priorities, and we will provide updates asap”. So far, the team has succeeded in freezing $42.89million of the stolen loot as at February 25, 2025.
