Bybit said it blocked or terminated more than $300 million worth of suspected fraud-related funds in the fourth quarter of 2025 after implementing an AI risk monitoring system designed to flag malicious transactions before they exit the exchange.
In a company blog post, Bybit said its system flagged nearly $500 million in withdrawal requests during the quarter, and that more than 4,000 users were “protected” after the platform warned of a real risk or blocked transactions altogether.
David Zong, head of Bybit’s risk control team, told Cointelegraph that most of the $300 million total reflects that users voluntarily canceled after seeing the warnings, meaning the funds remained in their accounts rather than demanding refunds or compensation.
“Because the withdrawal was stopped before it was completed, the funds were not charged or refunded. They always remained in the users’ accounts.”
Bybit said the system also identified 350 high-risk investment fraud addresses, which protected 8,000 users from potential withdrawal losses in the previous quarter. It also prevented more than three million credential stuffing attacks attempted by hackers during 2025.
Cryptocurrency hackers will lose $3.4 billion by 2025 as hackers focus on major crypto assets.
How the risk framework works
Bybit’s internal risk detection system is designed to prevent fraudulent attempts to withdraw funds before suspicious transactions occur.
related to: White Hat recovers $1.8 million after using $2.3 million in Foom Cash
Funds that are marked as high risk, depending on the severity of the case, either a warning is issued or the transaction is closed in real time.
The third-party theft prevention framework relies on exchange data to flag unusual patterns such as mass leaks, allowing Bybit’s operations team to preemptively blacklist risky destination addresses.
The crypto industry needs proactive security measures
Cybersecurity experts have urged the industry to adopt real-time threat monitoring systems powered by AI to prevent cybercrime.
Implementing AI-based anomaly detection could help the industry protect against hackers who break into companies to steal funds or sensitive data, Deddy Lavid, co-founder and CEO of blockchain cybersecurity firm Cyvers, told Cointelegraph last year.
related to: Alleged insider wallets boost ZachXBT’s Axiom betting by $1.2 million
Coinbase’s May 2025 data breach exposed the wallet balances and physical locations of about 1% of the exchange’s monthly users, prompting up to $400 million in refunds.
Magazine: Thailand’s “Big Secret” Crypto Hack, Chinese Developer RWA Tokens: Asia Express
