Bybit reported the detection and blocking of a series of coordinated fake deposit attacks across multiple blockchains. While potential losses could have exceeded 1B DOT, the security team neutralized the attempts in real time, and no users were affected.
The core of the attacks involved attempting to force the exchange system to credit non-existent funds by exploiting vulnerabilities in transaction processing logic. Scammers manipulated how transactions are verified and handled to create the illusion of legitimate operations.
The exchange stated that its monitoring system deconstructs every transaction into atomic operations for independent verification. The system processes batches individually and verifies balances directly rather than relying on logs, while tracking account owners separately. Any transaction with an unusual structure receives a risk score and triggers an immediate investigation.
“Whether the threat comes through batch calls, relayed transfers, or owner manipulation, the system breaks every transaction down into its smallest components and verifies each one independently,” commented David Zong, the Head of Risk Management and Security at Bybit.
Bybit noted that these types of attacks have a long history. Vulnerabilities in the transaction confirmation mechanism at Mt. Gox between 2011 and 2014 resulted in the loss of approximately 850,000 BTC, while a flaw in the Silk Road deposit system in 2012 led to the theft of 51,680 BTC. The exchange classifies the latest incidents as a new generation of these schemes, adapted for modern blockchain transaction models.
Read Also: