Bybit, the world's second-largest cryptocurrency exchange by trading volume, has released the comprehensive results of its 2025 Security Initiative, revealing it intercepted and recovered $300 million from fraudulent withdrawals and scam attempts in the fourth quarter of 2025 alone. The initiative protected more than 4,000 users from financial loss during that period.
The success stems from Bybit's deployment of an industry-leading, multi-layered defense architecture centered on a Dynamic Risk-Based protection system. This AI-driven framework classifies potential scam incidents into three tiers, intervening before funds are irreversibly lost. The backdrop for this effort is stark: analytics firm Chainalysis estimates that $17 billion in cryptocurrency was lost globally to scams and fraud in 2025.
The Three-Tier Security Shield operates as follows:
Tier 1: Early Warning (Low Risk): Leveraging big-data analytics to identify unusual patterns, such as large withdrawals to a single new address. Bybit's team proactively investigates and blacklists these dangerous destinations.
Tier 2: Real-time Alert (Medium Risk): For accounts flagged via credential-stuffing databases or linked to suspicious addresses, the system triggers real-time alerts during the withdrawal process, prompting users to pause and review the transaction.
Tier 3: Immediate Block and Cooling-off (High Risk): For addresses linked to confirmed scams like "pig butchering" investment schemes, the system immediately blocks the withdrawal and enforces a mandatory one-hour cooling-off period, requiring user verification and review.
The Q4 2025 results demonstrate the system's efficacy. Out of $500 million in flagged withdrawals, the $300 million was recovered. Bybit's proprietary AI algorithms identified 350 high-risk investment fraud addresses through on-chain data. Furthermore, the platform's Infrastructure Resilience efforts in 2025 successfully foiled more than 3 million credential theft attempts.
Bybit emphasizes security as a collective responsibility, integrating intelligence from industry partners like TRM, Elliptic, and Chainalysis. David Zong, Head of Group Risk Control at Bybit, stated, "Our mission in 2025 was to transform risk control from a 'silent shield' into an active, intelligent guardian... We are sharing these standardized monitoring clues across the ecosystem because a safer industry for one is a safer industry for all." Additional on-chain vigilance efforts in Q4 led to the auto-labeling of 350 addresses and manual tagging of 600 more via support tickets, preventing an estimated $1 million in imminent losses.
