Bybit was hacked for 1.5 billion USD, Infini was attacked by hackers again: How to strengthen the security defense of Web3 wallets.

CN
AiCoin
Follow
10 hours ago

Recently, the cryptocurrency industry has experienced a series of significant security incidents, with well-known trading platform Bybit and stablecoin digital bank Infini both suffering from hacker attacks, resulting in substantial losses.

Bybit stolen 1.5 billion USD, Infini attacked by hackers again: How to strengthen the security line of Web3 wallets_aicoin_image1

Bybit faces the largest cryptocurrency theft in history

On February 21, 2025, the globally renowned cryptocurrency exchange Bybit was attacked by hackers, resulting in the theft of approximately 1.5 billion USD worth of Ethereum. This attack is considered the largest theft incident in the history of the cryptocurrency industry. The hackers exploited a security vulnerability during a routine transfer from a cold wallet to a hot wallet, gaining control of Bybit's cold wallet and transferring 401,000 Ethereum to an unknown address. Despite the severe blow, Bybit's CEO Ben Zhou assured customers that the company remains solvent, with all customer assets backed 1:1, and unaffected wallets and withdrawal functions operating normally. Bybit is collaborating with blockchain forensic experts to trace the stolen funds and has launched a bounty program offering up to 10% rewards to ethical hackers who assist in recovering the stolen cryptocurrency.

Infini attacked by hackers again, losing nearly 50 million USD

Just three days after the Bybit incident, on February 24, 2025, stablecoin digital bank Infini also encountered a major security event. Hackers exploited a technical vulnerability to steal approximately 49.5 million USD from the Infini platform. It is reported that the attackers exchanged 49.5 million DAI for about 17,700 Ethereum and attempted to obscure the flow of funds using mixing services like Tornado Cash. Infini's officials have urgently frozen the relevant accounts and promised to fully compensate affected users for their losses.

Bybit stolen 1.5 billion USD, Infini attacked by hackers again: How to strengthen the security line of Web3 wallets_aicoin_image2

Overview of Web3 security measures and threats

Proactive security: As risks in the Web3 space increase, it is crucial to adopt proactive security measures. Learning from past mistakes can effectively prevent becoming a victim of common attack methods.

Zero Trust Principle: One of the core security principles is the "Zero Trust Principle," which advises users not to trust anyone or any tool in the blockchain environment and to independently verify the credibility of all transactions and signature operations.

Risk awareness: Stay away from platforms with potential risks or security vulnerabilities, especially those rumored to have security issues. When risk signals are detected, prioritize asset security.

Emerging attack methods

Social engineering: Cybercriminals often impersonate customer service, celebrities, or friends to trick users into revealing private keys or mnemonic phrases. Always remain vigilant and avoid clicking on unfamiliar links.

Internal infiltration: Advanced attackers (such as North Korean hacker groups) may enter companies through job applications, working in sensitive departments like asset management, security architecture, or finance, launching attacks from within.

Address spoofing: Attackers can generate cryptocurrency addresses that closely resemble real addresses (with the same first and last characters). To avoid being deceived, users are advised to carefully verify the complete transaction ID (Txid) and at least 5-6 characters in the middle of the address.

Public WiFi risks: Using public WiFi may lead to devices being infected with malware or trojans, resulting in asset theft. It is recommended to avoid connecting to public WiFi in hotels or social events and to use personal hotspots whenever possible.

Bybit stolen 1.5 billion USD, Infini attacked by hackers again: How to strengthen the security line of Web3 wallets_aicoin_image3

How can users protect their Web3 wallets?

1. Choose the right type of wallet

Cold wallets (hardware wallets): Devices like Ledger and Trezor store private keys offline, providing a high level of security.

Hot wallets (software wallets): Such as MetaMask, are convenient for online transactions but require enhanced security measures.

2. Properly manage private keys and mnemonic phrases

Offline storage: Record private keys and mnemonic phrases on fireproof materials and store them in a secure physical location, avoiding online storage.

Never disclose: Under no circumstances should you reveal your private keys or mnemonic phrases to others or websites.

3. Be wary of social engineering attacks

Phishing websites: Avoid clicking on links from unknown sources, and always download wallet applications from official websites.

Fake customer service: Do not trust messages claiming to be from customer service; official channels typically do not proactively request your sensitive information.

4. Exercise caution during authorization operations

Transaction authorization: When authorizing tokens, carefully verify the authorized entity to avoid granting permissions to malicious contracts or personal accounts.

Regular checks: Use tools like Revoke.cash to regularly review and revoke unnecessary token authorizations.

5. Avoid using public networks

Public Wi-Fi risks: Public networks may pose security risks; try to use private networks or personal hotspots for transaction operations.

6. Regularly update and audit

Software updates: Timely update wallets and related applications to ensure they include the latest security patches.

Code audits: For developers, conduct regular code audits to promptly identify and fix potential vulnerabilities.

7. Multi-signature and permission management

Multi-signature: Enable multi-signature features to increase transaction security and prevent single points of failure.

Permission settings: On supported blockchains, configure account permissions reasonably to prevent unauthorized operations.

Conclusion

The series of hacker attacks on Bybit and Infini serves as a reminder to investors and platform operators that the high returns in the cryptocurrency market come with high risks. Whether it is exchanges, DeFi platforms, or individual users, it is essential to remain vigilant and strengthen security measures to ensure asset safety.

Disclaimer: The above content does not constitute investment advice.

AiCoin official website: www.aicoin.com

Telegram: t.me/aicoincn

Twitter: x.com/AiCoinzh

Email: support@aicoin.com

Group chat: Customer Service YingyingCustomer Service KK

免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。

Share To

Related Articles

avatar
avatar链捕手
17 minutes ago
Daily Report | Binance HODLer airdrop launched GoPlus Security (GPS); French crypto market maker Flowdesk completes $102 million financing.
avatar
avatar道说Crypto
20 minutes ago
Which tokens are worth dollar-cost averaging? | Q&A
avatar
avatar一凡谈币
1 hour ago
Price trend is weak! 20250304
avatar
avatar老李迫击炮
1 hour ago
Trump imposed tariffs on Canada and Mexico, and the US stock market along with the cryptocurrency market led by BTC experienced a journey from heaven to hell in 24 hours.
avatar
avatarMatrixport
1 hour ago
Matrixport Market Observation: BTC's Binding with Macroeconomic Data Deepens, Trump's Tariff Policy Greatly Hurts the Market
APP

X

Telegram

Facebook

Reddit

CopyLink