ForkLog

Expert Highlights Inadequate Cybersecurity Progress in Crypto Projects

Even the loss of nearly $1.5 billion from the February Bybit hack failed to prompt industry participants to change their approach to cybersecurity issues. This was stated by Hacken CEO Dima Budorin in an interview with Cointelegraph.

The industry continues to rely on a limited set of measures such as bounty programs or penetration tests. However, this is categorically insufficient, the expert believes.

According to him, crypto companies need to adopt a more multi-layered approach, similar to that used in traditional industries. This includes supply chain security and operational risks, assessed with blockchain specifics in mind.

“In large Web2 companies, this is mandatory,” Budorin clarified.

He also acknowledged that certain changes in security have occurred following the largest hack in the industry’s history.

For instance, Chainalysis has started maintaining a blacklist of wallets interacting with stolen assets in near real time. Previously, it took the firm up to three days after a transaction to mark addresses.

“And this was obviously pointless, as hackers had enough time to launder the stolen money through exchanges,” Budorin noted.

After the unauthorized withdrawal of $1.46 billion from Bybit, the perpetrators “cleaned” the coins in about ten days. They actively used mixers such as CryptoMixer, Tornado Cash, and Railgun, as well as platforms like Wasabi, THORChain, eXch, Lombard, LI.FI, Stargate, and SunSwap.

According to PeckShield, the industry lost $357.11 million in April due to 18 hacker attacks.

The increase compared to March was 990%. However, the majority of the damage—$330.7 million—was linked to the theft of 3520 BTC from an elderly investor in the US. Scammers used social engineering methods to phish the crypto wallet.

Other major incidents in April included attacks on the DeFi protocol Loopscale ($5.8 million) and the ZKsync airdrop smart contract (~$5 million).

PeckShield specialists noted the increasing prevalence of phishing schemes, confirming CertiK’s findings.

Since the beginning of 2024, losses from crypto hacks have exceeded $3.83 billion, with centralized exchanges and DeFi services being the main targets for hackers.
