Bybit Deploys AI Shield to Recover 300 Million Dollars as Crypto Fraud Surges

As crypto fraud continues to drain billions from investors worldwide, exchange giantspan>Bybit/span> claims it has turned artificial intelligence into a frontline defense, recovering $300 million for thousands of users in 2025 while blocking millions of attempted account breaches.

In a public update outlining the results of its 2025 Security Initiative, the company said it had “raised the standard in 2025, intercepting $300M in impersonation scams and fraud through our new AI-driven risk framework.” The announcement lands at a moment when trust remains fragile across the sector. According to data fromspan>Chainalysis/span>, roughly $17 billion in digital assets was siphoned off in scams and fraud schemes over the past year alone.

Bybit’s report highlights the scale of the problem — and its response. In the fourth quarter, the platform flagged $500 million in withdrawal requests for review. Of that total, $300 million was successfully intercepted and returned, shielding more than 4,000 users from losses. During the same period, proprietary AI models scanned on-chain activity and identified 350 high-risk investment fraud addresses, preventing potential withdrawal losses for approximately 8,000 additional users.

The exchange also disclosed that it blocked more than three million credential-stuffing attempts in 2025. Such attacks, typically powered by leaked password databases, aim to seize control of user accounts and drain funds before victims can react. Bybit’s system automatically labeled 350 suspicious wallet addresses and manually tagged another 600 through internal review processes, preventing an estimated $1 million in imminent losses.

David Zong, Head of Group Risk Control at Bybit, said the company’s objective was to transform compliance from a reactive process into what he described as an “active and intelligent guardian.” By combining AI-driven on-chain monitoring with intelligence feeds from partners such asspan>TRM Labs/span>,span>Elliptic/span> andspan>Chainalysis/span>, the exchange sought not only to protect its own users but also to “map the DNA of fraudulent networks.”

Central to that effort is a three-tier risk framework designed to escalate intervention without disrupting legitimate trading. At the lowest level, big data analytics detect anomalies such as large withdrawals to newly created addresses, triggering automated questionnaires and internal reviews. Medium-risk cases generate real-time alerts during withdrawal processes, particularly when accounts are flagged in credential-stuffing databases or linked to suspect wallets. At the highest tier, addresses associated with confirmed scams face immediate withdrawal blocks and a mandatory one-hour cooling-off period.

Beyond internal safeguards, Bybit said it is standardizing monitoring indicators that could serve as a broader industry template. These include an anti-credential stuffing engine, real-time AI pattern recognition for so-called pig butchering schemes, and cross-chain tracing tools to follow illicit flows across networks.

Whether such measures can meaningfully curb industry-wide fraud remains an open question. Yet as exchanges face mounting regulatory scrutiny and user skepticism, demonstrable recoveries — and the promise of proactive AI surveillance — may become essential to restoring confidence in digital asset markets.