Crypto losses totaled $1.53 billion in Feb, with the three biggest exploits being Bybit, Infini, and zkLend hacks.
According to Certik, crypto losses totaled nearly $1.53 billion in Feb., representing a nearly 1,500% increase from the $98 million in losses reported in Jan. Excluding Bybit’s losses, other crypto losses in Feb. amounted to over $126 million, still a sizable 28.5% increase from the previous month.
The biggest loss stemmed from the Feb. 21 hack of Bybit, which was attributed to North Korea’s Lazarus Group. Out of $1.53 billion in total loss, Bybit hack siphoned $1.4 billion. This hack became the largest crypto hack ever, surpassing the $650 million Ronin bridge hack in March 2022 – which was also linked to Lazarus. Following the hack, the stolen funds were laundered using crypto mixers. As of the latest update, Lazarus has now laundered almost all of the stolen funds.
The second largest loss stemmed from Feb.24 hack of stablecoin neobank Infini, which resulted in a loss of $49.5 million. Cyvers attributed the exploit to a developer who retained admin rights after helping set up the smart contract. Three months later, the developer used these rights to drain the funds to a wallet funded through the crypto mixer Tornado Cash. Infini is still trying to recover the stolen funds. The company left the hacker a message, warning that it would take legal action and freeze the stolen funds if necessary. The neobank even offered the hacker a 20% bounty for the return of the stolen assets, with a 48-hour deadline to comply. The deadline has long passed, but the funds are still in the hacker’s possession.
Coming third, the Feb.12 exploit of zkLend resulted in a loss of $9.5 million worth of Ethereum (ETH). Similar to Infini, zkLend offered a bounty to the hacker, asking for the return of 90% of the stolen funds, with the hacker allowed to keep 10%. The latest update about the zkLend hack is that a recovery portal for affected users has been opened. However, the funds are still in the hacker’s possession.
In addition to Feb. losses due to hacks, Certik also reported that wallet compromises were the top category for losses. This was followed by code vulnerabilities, which led to $20 million in losses. Phishing attacks resulted in $1.8 million in stolen funds.
