{"id":125403,"date":"2025-03-19T16:19:19","date_gmt":"2025-03-19T16:19:19","guid":{"rendered":"http:\/\/cryptospotters.net\/?p=125403"},"modified":"2025-03-19T16:19:19","modified_gmt":"2025-03-19T16:19:19","slug":"certik-exec-explains-how-to-keep-crypto-safe-after-1-4b-bybit-hack","status":"publish","type":"post","link":"http:\/\/cryptospotters.net\/?p=125403","title":{"rendered":"CertiK exec explains how to keep crypto safe after $1.4B Bybit hack"},"content":{"rendered":"<p>Source: Cointelegraph.com News<br \/>\nThe February hack against Bybit sent ripples through the industry after $1.4 billion in Ether-related tokens was stolen from the centralized exchange, reportedly by the North Korean hacking collective Lazarus Group, in what was the most costly crypto theft ever.<br \/>\nThe fallout from the hack has left many people wondering what went wrong, whether their own funds are safe, and what should be done to prevent such an event from happening again.<br \/>\nAccording to blockchain security company CertiK, the massive heist represented roughly 92% of all losses for February, which saw a nearly 1,500% increase in total lost crypto from January as a result of the incident.<br \/>\nOn Episode 57 of Cointelegraph\u2019s The Agenda podcast, hosts Jonathan DeYoung and Ray Salmond speak with CertiK\u2019s chief business officer, Jason Jiang, to break down how the Bybit hack happened, the fallout from the exploit, what users and exchanges can do to keep their crypto secure, and more.<br \/>\nAre crypto wallets still safe after Bybit hack?<br \/>\nPut simply, Lazarus Group was able to pull off the massive hack against Bybit because it managed to compromise the devices of all three signers who controlled the multisignature SafeWallet Bybit was using, according to Jiang. The group then tricked them into signing a malicious transaction that they believed was legit.<br \/>\nDoes this mean that SafeWallet can no longer be trusted? Well, it\u2019s not so simple, said Jiang. 
\u201cIt is possible that when the Safe developer\u2019s computer got hacked, more information was leaked from that computer. But I think for the individuals, the likelihood of this happening is rather low.\u201d<br \/>\nHe said there are several things the average user can do to drastically increase their crypto security, including storing assets on cold wallets and being aware of potential phishing attacks on social media.<br \/>\nWhen asked whether hodlers could see their Ledger or Trezor hardware wallets exploited in a similar manner, Jiang again said that it\u2019s not a big risk for the average user \u2014 as long as they do their due diligence and transact carefully.<br \/>\n\u201cOne of the reasons that this happened was that the signers were like a blind-send-signing the order, just simply because their device did not show the full address,\u201d he said, adding, \u201cMake sure that the address you are sending to is what you\u2019re intending to, and you want to double check and triple check, especially for larger transactions.\u201d<br \/>\n\u201cI think after this incident, this is probably going to be one of the things the industry will try to correct itself, to make the signing more transparent and easier to recognize. There are so many other lessons being learned, but this is certainly one of them.\u201d<br \/>\nHow to prevent the next multibillion-dollar exchange hack<br \/>\nJiang pointed to a lack of comprehensive regulations and safeguards as a potential element contributing to the ongoing fallout from the hack, which fueled debates over the limits of decentralization after several validators from crosschain bridge THORChain refused to roll back or block any of Lazarus Group\u2019s efforts to use the protocol to convert its funds into Bitcoin (BTC).<br \/>\n\u201cWelcome to the Wild West,\u201d said Jiang. 
\u201cThis is where we are right now.\u201d<br \/>\n\u201cFrom our view, we think crypto, if it is to be flourishing, it needs to hug the regulation,\u201d he argued. \u201cTo make it easy to be adopted by the mass general here, we need to hug the regulation, and we need to figure out ways to make this space safer.\u201d<br \/>\nJiang commended Bybit CEO Ben Zhou on his response to the incident, but he also pointed out that the exchange\u2019s bug bounty program prior to the hack had a reward of just $4,000. He said that while most people in cybersecurity are not motivated by money alone, having larger bug bounties can potentially help exchanges stay more secure.<br \/>\nWhen asked about the ways exchanges and protocols can motivate and retain top-tier talent to help protect their systems, Jiang suggested that security engineers don\u2019t always get the credit they deserve.<br \/>\n\u201cA lot of people say that the first-degree talent goes to the developers because that\u2019s where they will get most rewarding,\u201d he said. \u201cBut it\u2019s also about us giving enough attention to the security engineers. They carry a huge responsibility.\u201d<br \/>\n\u201cCut them some slack and try to give them more credit. Whether it\u2019s monetary or whether it\u2019s recognition, give them what we can afford, and make it reasonable.\u201d<br \/>\nTo hear more from Jiang\u2019s conversation with The Agenda \u2014 including how CertiK carries out audits, how quantum computing and AI will impact cybersecurity, and more \u2014 listen to the full episode on Cointelegraph\u2019s Podcasts page, Apple Podcasts or Spotify. And don\u2019t forget to check out Cointelegraph\u2019s full lineup of other shows!<br \/>\nMagazine: Bitcoin vs. 
the quantum computer threat \u2014 Timeline and solutions (2025\u20132035)<br \/>\nThis article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts, and opinions expressed here are the author\u2019s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.<a href=\"https:\/\/cointelegraph.com\/news\/certi-k-exec-explains-how-to-keep-crypto-safe-following-1-4-b-bybit-hack?utm_source=rss_feed&amp;utm_medium=rss&amp;utm_campaign=rss_partner_inbound\" target=\"_blank\" class=\"feedzy-rss-link-icon\" rel=\"noopener\">Read More<\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>Source: Cointelegraph.com NewsThe February hack against Bybit sent ripples through the industry after $1.4 billion in Ether-related tokens was stolen from the centralized exchange, reportedly by the North Korean hacking&hellip; <\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"_links":{"self":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/posts\/125403"}],"collection":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=125403"}],"version-history":[{"count":0,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/posts\/125403\/revisions"}],"wp:attachment":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=125403"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=125403"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/cryptospotters.net\/ind
ex.php?rest_route=%2Fwp%2Fv2%2Ftags&post=125403"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}