Certik’s data shows that cryptocurrency security issues reached $1.53 billion losses in February after jumping 1500% from $98 million in January. A large hack of the Bybit exchange caused most of the losses, plus separate attacks on the Infini and zkLend platforms.
On February 21 the Lazarus Group linked to North Korea broke into Bybit to steal $1.4 billion which became the largest crypto theft in history. The cyber theft exceeded the Ronin Bridge hack from March 2022 where Lazarus Group took $650 million.
Hackers Laundered Stolen Crypto Through Mixers
After taking the money through their hack they pushed the stolen funds through crypto-mixing services, which people with illegal transactions often use to hide money traces. Official reports show that the attackers successfully laundered all stolen money.
Infini Neo Bank lost $49.5 million on February 24 in a clear depiction of the second-biggest hack. Cyvers identified this attack as an inside job done by a platform developer who still possessed administrative access rights even after setting up the smart contract system.
Right after setting up the smart contract the developer switched to using admin privileges three months later to empty the funds into a wallet connected to Tornado Cash for their own purposes. The platform leader Infini reacted with a strong ultimatum giving the thief 48 hours to give back their stolen money or face a 20% reward forfeiture. Infini failed to retrieve its assets because the deadline passed without the hacker delivering the promised funds, even though legal risk and frozen assets awaited him.
On February 12 Ethereum-based lending protocol zkLend sustained $9.5 million in crypto theft to make it the third largest target in that month. zkLend joined Infini in offering a reward for the return of stolen funds but only as a 90/10 split with the hacker. The project team created a recovery portal after being stolen but had to leave the funds with the hacker who showed no willingness to cooperate.
During February Certik found wallet theft caused more crypto loss cases than any other security threat. The systems had $20 million worth of code problems while phishing attacks stole $1.8 million.
The quick jump in February security incidents points out that thieves now find multiple access routes into the cryptocurrency world. Companies that secure cryptocurrency and digital assets continue to face increasing threats as experts predict higher financial losses.
