Oh Bybit

Good morning. Today, we’re going to take a look at the recent Bybit crypto exchange hack.

Every Wednesday, we’ll share an article exploring the rapidly evolving global custody sector. Every Friday, we’ll bring you a curated roundup of the most important news and insights affecting our industry.

Recently, cryptocurrency exchange Bybit suffered what many are calling the largest crypto theft ever recorded, losing about $1.5 billion worth of Ethereum (ETH) from a cold wallet. The breach rattled the entire digital asset community, but Bybit quickly promised to replace the stolen funds and kept withdrawals open—moves that helped prevent a widespread panic about the exchange’s finances.

How the Hack Happened

Early investigations point to a mix of social engineering—tricking people into doing something they normally wouldn’t—and a sophisticated manipulation of Bybit’s Gnosis Safe multi-signature wallet. In simple terms, attackers fooled key individuals into approving a malicious transaction that looked routine, but actually granted access to the underlying wallet smart contract. Multi-signature wallets are generally considered secure, but this incident shows they can still fail if proper checks aren’t in place and if people don’t see exactly what they’re signing.

Harry Donnelly provides a more detailed explanation of how the hack happened over at his Substack:

Possible State Sponsorship

Investigators suspect the thieves might be backed by a government, highlighting how cybersecurity threats can have global implications. In response, Bybit went public with the details, live-streaming its management team, and worked with other exchanges to block the stolen funds’ addresses. This level of openness earned praise but still left Bybit with a dent in its security reputation.

Looking for unbiased, fact-based news? Join 1440 today.

Upgrade your news intake with 1440! Dive into a daily newsletter trusted by millions for its comprehensive, 5-minute snapshot of the world's happenings. We navigate through over 100 sources to bring you fact-based news on politics, business, and culture—minus the bias and absolutely free.

Subscribe to 1440 today.

Key Lessons for Crypto Custodians

The hack underscores that cold storage (keeping crypto offline) and multi-signature wallets aren’t foolproof. To protect large sums of money, custodians need:

1. Strict Operational Procedures: Constant oversight and clear internal checks.

2. User-Friendly Warnings: So anyone signing a transaction knows exactly what they’re approving.

3. Social Engineering Defenses: Training and safeguards to prevent staff from being tricked.

4. Advanced Techniques: Some experts recommend methods like multi-party computation (MPC), which splits control of the assets so no single key or person can make a transaction alone.

Regulatory and Industry Reactions

Because of the hack’s size, many expect stronger rules for exchanges, including:

• Stricter Security and Capital Requirements

• Real-Time Proof-of-Reserves Audits

• Mandatory Cyber Insurance

There’s also likely to be more information sharing among exchanges, blockchain analytics firms, and law enforcement to identify and freeze stolen assets. Over time, these measures might boost public trust in centralized platforms, though some users may still prefer to self-custody (hold their own crypto) or switch to smaller, decentralized options.

The glacial pace of regulation around the world on digital asset frameworks doesn’t help anyone. Time and again, a stronger control environment would have prevented this loss.

Looking Ahead

No cryptocurrency exchange wants to face a major hack. Bybit recently dodged a crisis by quickly agreeing to reimburse affected users and keeping its platform running during the incident. To stop similar events, Bybit and other exchanges must prioritize improving their security systems. This hack has led to a stronger push for better security and accountability in the crypto industry. The key question is whether Bybit can win back users' trust and recover from the loss of asset inflows.

These significant losses highlight a long-standing issue in digital assets: poor risk management. In well-regulated global custodians, such failures wouldn’t be accepted. While operational risks can cause losses, transferring billions in US Treasuries or securities from a central depository is much more complicated than what occurred with Bybit.

Key Takeaways

• The Bybit hack shows that many centralised crypto exchanges have weaker risk management compared to traditional financial market infrastructures.

• Losing $1.5 billion in crypto is easier than stealing billions in US Treasuries or securities from regulated custodians. The attackers will launder that money over years.

• The digital asset space still struggles with poor control environments, making big hacks more likely.

• Highly regulated global custodians have stronger protections that make such large thefts much harder.

• Fragmented global regulation on digital assets only keeps the odds of these sort of hacks higher than it could be.

What’s next?

You can now follow us on LinkedIn:

For the next few Wednesday editions, we’ll keep exploring digital assets in more detail and how they are very different from other asset classes when it comes to global custody and what institutional clients will need from an asset servicing viewpoint. We’ll keep sending our industry news roundup every Friday.