shield Phishing · $1.5B loss

Bybit Hack: How $1.5B Was Lost in a Phishing (2025)

Q: When did the Bybit hack happen?

The Bybit exploit was recorded on February 21, 2025 — 417 days ago.

Q: What type of exploit hit Bybit?

The Bybit incident is classified as a Phishing. Users are tricked into signing malicious transactions or approvals that transfer assets to the attacker.

On February 2025, Bybit was exploited in a phishing, resulting in approximately $1.5B in losses. That makes the Bybit exploit the 1st largest DeFi incident out of 690 documented in our archive.

Attack Mechanics: How the Bybit Phishing Played Out

Exploit Class Applied to Bybit

The Bybit incident on February 21, 2025 is classified as a Phishing. Users are tricked into signing malicious transactions or approvals that transfer assets to the attacker. In the full archive, Bybit is 1 of 1 documented phishing incidents.

Bybit Vulnerability Signature

The primary source categorises the Bybit exploit specifically as “Phishing attack”. This narrower label is entity-specific: it reflects how the Bybit contract failed, rather than the broad phishing pattern alone.

Impact & Recovery for Bybit

Bybit Loss Figure

The Bybit exploit caused $1,500,000,000 in losses — a mega ($100M+) incident and the 1st largest of 96 documented in 2025. This single incident represents 82.3% of all tracked losses that year.

Where Bybit Sits Among Phishing Attacks

Ranked by loss size, Bybit is the 1st largest of 1 phishing incidents documented. That puts the Bybit loss above the class average of $1.5B.

Timeline Since the Bybit Incident

The Bybit exploit occurred 1.1 years ago (417 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.

Primary Reference for Bybit

Public post-mortem / on-chain analysis for the Bybit incident: view source.

FAQ

How much did Bybit lose?

The Bybit exploit in February 2025 resulted in $1,500,000,000 in losses — the 1st largest of 96 DeFi incidents that year.

When did the Bybit hack happen?

The Bybit exploit was recorded on February 21, 2025 — 417 days ago.

What type of exploit hit Bybit?

The Bybit incident is classified as a Phishing. Users are tricked into signing malicious transactions or approvals that transfer assets to the attacker.

How common is the Phishing pattern seen at Bybit?

Our archive contains 1 documented phishing incidents. The Bybit incident is one of them.

What experimental result is highlighted as evidence of the model's effectiveness?

The model demonstrated superior accuracy and security, with a packet loss rate below 7%.

What are the three open international standards developed for Building Automation and Control Systems (BACS)?

KNX, LonWorks, and BACnet.