Zero Hour Technology's monthly security incident roundup is here. According to statistics from some blockchain security risk monitoring platforms, losses caused by vulnerabilities, hackers and fraud in February 2025 were about 1.782 billion US dollars; 20 cryptocurrency hacker attacks occurred, causing losses of about 1.51 billion US dollars, and 52.45 million US dollars were frozen or returned. According to statistics from Web3 anti-fraud platform Scam Sniffer, there were 7,442 victims of phishing incidents this month, with losses of 5.32 million US dollars.
Hacker attacks
7 typical security incidents
(1) On February 5, according to the monitoring of the Zero Hour Technology Security Team, a series of attacks on Ionic Money was launched on Mode Chain. The main cause of this vulnerability was that the IonicMoney project did not verify whether the contract corresponding to the asset was officially deployed when creating the lending pool, resulting in the underlying asset of the lending pool being a fake token. This attack resulted in a total loss of approximately 8.5 MUSD.
Zero Hour Technology || Analysis of the IonicMoney attack
(2) On February 12, the decentralized finance (DeFi) protocol zkLend suffered a major security breach, resulting in the theft of approximately 3,300 ETH (approximately US$8.5 million). The attacker exploited a vulnerability in the zkLend smart contract to withdraw user funds from its liquidity pool without authorization and quickly concentrated the funds into a wallet controlled by the attacker. After the incident, the zkLend team took quick action and issued an announcement through its Ethereum ZEND token deployer account and confirmed the authenticity of the announcement through its official X account.
(3) On February 12, according to the monitoring of the Zero Hour Technology Security Team, the Four.meme project was attacked. Four.meme is a memecoin launchpad incubated by Binance Academy that is similar to pump.fun. The cause of the vulnerability lies in the migration step: when a token's bonding curve progress on Four.meme's internal market reached 100%, the token was migrated to a DEX, using createAndInitializePoolIfNecessary to create a PancakeSwap trading pair. The migration did not account for a trading pair that had already been created, so it mistakenly used the pair that the attacker had created and initialized in advance and added liquidity at the wrong price set by the attacker. As a result, the price of the memecoin soared after the migration, and the attacker then used the memecoin he held to drain the WBNB from the pool, completing the attack. The total loss of this attack was about 15,000 USD.
Zero Hour Technology || Analysis of the Four.meme attack
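A simplified Python model of the migration flaw in incident (3), next to a hardened migration that checks the pool price before adding liquidity. This is an added example, not code from Four.meme, PancakeSwap or Zero Hour Technology; the class and function names, the flat price bookkeeping and the 1% tolerance are assumptions, and only the create-if-necessary behaviour comes from the text.

```python
# Constructed model: "create and initialize only if necessary" leaves an
# already-initialized pool untouched, so the migration must verify its price.
from dataclasses import dataclass

@dataclass
class Pool:
    price: float = 0.0          # WBNB per memecoin; 0.0 means "not initialized"
    token_reserve: float = 0.0
    wbnb_reserve: float = 0.0

class PriceMismatch(Exception):
    """Raised when an existing pool's price disagrees with the bonding curve."""

class Factory:
    def __init__(self):
        self.pools = {}

    def create_and_initialize_pool_if_necessary(self, pair, price):
        pool = self.pools.setdefault(pair, Pool())
        if pool.price == 0.0:   # initialize only a new or uninitialized pool
            pool.price = price
        return pool             # an existing pool keeps whatever price it had

def _add_liquidity(pool, wbnb_amount):
    pool.wbnb_reserve += wbnb_amount
    pool.token_reserve += wbnb_amount / pool.price
    return pool

def migrate_vulnerable(factory, pair, curve_price, wbnb_amount):
    # Trusts the returned pool: liquidity is priced at whatever the pool says.
    pool = factory.create_and_initialize_pool_if_necessary(pair, curve_price)
    return _add_liquidity(pool, wbnb_amount)

def migrate_hardened(factory, pair, curve_price, wbnb_amount, max_deviation=0.01):
    pool = factory.create_and_initialize_pool_if_necessary(pair, curve_price)
    deviation = abs(pool.price - curve_price) / curve_price
    if deviation > max_deviation:   # pool existed with a price the curve never set
        raise PriceMismatch(f"pool price {pool.price} vs curve price {curve_price}")
    return _add_liquidity(pool, wbnb_amount)

def pre_initialized_factory(pair, price):
    # Constructed state: the pair already exists with a price set by someone else.
    factory = Factory()
    factory.create_and_initialize_pool_if_necessary(pair, price)
    return factory
```

The hardened path fails closed: when the existing price is off, no liquidity is added and the migration can be retried through a path that does not depend on the pre-created pair.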
(4) On February 18, Abstract discovered that a security incident had occurred in the Cardex application in The Portal, affecting approximately 9,000 wallets and causing a total loss of approximately $400,000 in ETH. The key in the Cardex front-end code was leaked, which led to the compromise of the session signing wallet. Since the session signing wallet was shared by all sessions, all users who created sessions on Cardex were affected.
(5) On February 21, the Zero Hour Technology Security Team detected a major security incident involving the Bybit exchange. At 02:16 UTC that night, we detected that the Bybit Cold Wallet initiated a large transfer of 401,346 ETH, 8,000 mETH, 90,375 stETH and 15,000 cmETH worth approximately 1.5 billion USD. In this attack, the Bybit exchange lost a total of US$1.5 billion. According to the information currently available, the fund tracking and freezing work of the Bybit theft incident is still ongoing. As of March 3, with the coordinated efforts of multiple parties, Bybit has successfully frozen approximately US$43.65 million of stolen funds.
Zero Hour Technology || Analysis of the Bybit attack
(6) On February 24, Certik Alert detected suspicious fund outflows from unverified contracts on Ethereum, valued at approximately US$49.5 million. Hackers converted the funds into DAI and exchanged them for 17,696 ETH. DeFi community YAM pointed out that Infini Earn Funds were suspected to have been stolen. According to SlowMist Cosine monitoring, the Infini hacker is very technical and understands the operation of smart contracts. Only with a private key could he steal the funds in his Vault and related strategies. He stole twice: 11,455,666 USDC and 38,060,996 USDC. The theft was caused by the leakage of private keys and excessive permissions.
(7) On February 27, the CyversAlerts artificial intelligence system detected suspicious transactions related to suji_yan. A suspicious address received nearly 4M digital assets, including: 113 ETH, 923 WETH, 301 ezETH, 156 weETH, 90 pufETH, 48.4K MASK, 50K USDT, 15 swETH. The stolen assets were immediately exchanged for ETH and distributed to six different addresses.
Rug Pull / Phishing Scam
4 typical security incidents
(1) On February 6, the address starting with 0x2993 lost mooConvexETH+, FLUID, and aEthWETH worth $156,183 after signing multiple phishing signatures.
(2) On February 18, the address starting with 0x1cab lost $308,500 worth of TEL after signing a phishing transaction.
(3) On February 18, the address starting with 0x356e lost $629,812 worth of Aave WETH and 2 Doodles after signing multiple phishing transactions.
(4) On February 27, the address starting with 0xadfc lost $158,300 worth of PENDLE-LPT after signing a phishing transaction.
Summary
In February, the losses caused by cryptocurrency hacking reached $1.51 billion. It became the heaviest loss in the history of cryptocurrency, with the Bybit incident alone causing a loss of $1.43 billion. In addition, $52.45 million in funds were successfully frozen or recovered. Faced with frequent attacks, many parties in the industry responded quickly, actively took part in efforts to limit losses, and fought malicious activity with all their strength. At the same time, the overall defense system of the industry is gradually being strengthened, and the collaboration mechanism is becoming more mature and efficient. Finally, the Zero Hour Technology Security Team recommends that project teams always remain vigilant and remind users to beware of phishing attacks. Users are advised to fully understand the background and team of a project before participating in it, and to choose investment projects carefully. In addition, internal security training and permission management should be carried out, and professional security companies should be engaged to conduct audits and project background investigations before the project goes online.