Bybit said it blocked or disrupted more than $300 million worth of suspected scam-related withdrawals in the fourth quarter of 2025 after rolling out an AI-assisted risk monitoring system designed to flag malicious transactions before funds leave the exchange.

In a company blog post, Bybit said its system flagged about $500 million in withdrawal requests during the quarter and that more than 4,000 users were “protected” after the platform issued real-time risk alerts or blocked transactions outright.

Bybit’s head of group risk control, David Zong, told Cointelegraph that much of the $300 million total reflects withdrawals users voluntarily cancelled after seeing warnings, meaning the funds remained in their accounts rather than requiring clawbacks or reimbursement.

“Because the withdrawals were stopped prior to completion, the funds did not require recovery or reimbursement. They remained in users’ accounts at all times.”

Bybit said the system also identified 350 high-risk investment fraud addresses that shielded 8,000 users from potential withdrawal losses during the previous quarter. It also thwarted over three million credential stuffing attacks attempted by hackers throughout 2025.

Cryptocurrency hacks resulted in $3.4 billion in losses during 2025, as hackers turned their focus to large crypto entities.

How the risk framework works

Bybit’s internal risk detection system aims to prevent fraudulent withdrawal attempts before a malicious transaction occurs.

Related: White hat helps recover $1.8M after $2.3M Foom Cash exploit

Withdrawals flagged as high-risk are either issued a warning prompt or have the transaction blocked in real-time, depending on the severity of the case.

The triple-tied theft prevention framework relies on exchange data to flag unusual patterns such as mass withdrawals, allowing Bybit’s operations team to preemptively blacklist dangerous destination addresses.

Crypto industry needs pre-emptive security measures

Cybersecurity experts have called for the industry to adopt real-time, AI-powered threat monitoring systems to fend off cybercrime.

Implementing AI-based anomaly detection may help the industry defend against hackers infiltrating companies to steal funds or sensitive data, Deddy Lavid, co-founder and CEO of blockchain cybersecurity company Cyvers, told Cointelegraph last year.

Related: Suspected insider wallets rack up $1.2M betting on ZachXBT’s Axiom exposé

A Coinbase data breach in May 2025 exposed the wallet balances and physical locations of about 1% of the exchange’s monthly users, costing the exchange up to $400 million in reimbursement expenses.

Magazine: Thailand’s ‘Big Secret’ crypto hack, Chinese developer’s RWA tokens: Asia Express

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently. Read our Editorial Policy https://cointelegraph.com/editorial-policy