Despite the staggering loss of $1.4 billion in the recent Bybit hack, the approach to cybersecurity within the cryptocurrency sector remains largely unchanged. In a recent interview with Cointelegraph at the Token2049 event in Dubai, Hacken CEO Dyma Budorin expressed concern that many crypto companies still rely on limited security measures such as bug bounties and penetration tests. He stated, “Most of the projects think, ‘Okay, we did pentests. That’s enough. Maybe bug bounty. That’s enough.’ It’s not enough.”
Budorin emphasized the need for a shift in mindset among crypto companies, advocating for a more layered approach to security akin to that employed by traditional industries. This includes integrating supply-chain security, operational security, and blockchain-specific assessments into their security protocols. He noted, “In big Web2 companies, this is mandatory.”
Real-Time Blacklisting: A Step Forward
While the overall approach to crypto security remains stagnant, there are signs of progress in post-hack security measures. According to Budorin, Chainalysis has introduced near real-time blacklisting of stolen funds, which is a notable improvement over their previous standard of blacklisting within three days. He remarked, “This is great because hackers had enough time to launder the stolen money previously.”
The Bybit hack, which took place on February 21, 2025, exemplifies the urgency for enhanced security practices. The breach exploited a vulnerability in a Safe wallet, resulting in $1.4 billion worth of crypto being stolen. Following the hack, the perpetrators successfully laundered 100% of the stolen funds within just ten days, highlighting the critical delay in existing detection protocols.
While faster blacklisting represents a positive development, Budorin cautioned that fundamental vulnerabilities in practices remain unaddressed. “In terms of the practice, cybersecurity, nothing changed,” he stated, underscoring the need for deeper structural reforms.
April’s Crypto Losses: A Stark Reminder
April 2025 witnessed a staggering near $360 million loss in digital assets across 18 hacking incidents, significantly up from $33 million in March—a shocking 990% increase. Notably, a large portion of these losses stemmed from an unauthorized Bitcoin transfer that amounted to $330 million, which was identified as a result of a social engineering attack targeting an elderly individual in the United States.
As the cryptocurrency sector continues to grow and evolve, the pressing need for enhanced security measures cannot be overstated. The industry must adopt a more comprehensive, layered approach to cybersecurity to mitigate these risks and safeguard user assets from future threats.
