Author: Orest Gavryliak, Chief Legal Officer of 1inch Labs
In February of this year, Bybit experienced a security breach that set a record for the largest hacking incident in cryptocurrency history. North Korean cybercriminals instantly stole over $14 billion, an event that shocked the world and briefly became international news headlines.
According to a report by TRM Labs, the total losses from attacks on crypto assets reached as high as $21 billion in the first half of 2025. Such enormous losses have not curbed the ongoing occurrence of hacking attacks.
Despite the widespread attention these large-scale thefts have garnered, there has been far less focus on how hackers launder stolen crypto assets. These devastating events have provided profound lessons for centralized exchanges and DeFi protocols.
For trading platforms relied upon by millions of users globally, the transaction signing process urgently needs significant reform. Simply relying on summary information from the user interface is no longer sufficient to meet security needs; manually parsing and verifying call data has become key to ensuring the safety of funds. Only in this way can management teams ensure that cold wallet funds are safely transferred to the target address.
At the same time, there is an urgent need to introduce cutting-edge solutions such as "smart co-signers" specifically designed to verify transactions and their signatures. Even if all surface approval processes have been passed, this mechanism can still automatically intercept and reject suspicious requests.
Currently, transactions can be simulated before signing, combined with real-time threat intelligence to identify and flag high-risk call data. Actively adopting multi-party secure computation (which splits private keys into multiple shards, never reassembling them into a complete private key) is expected to become a safer alternative than smart contracts.
In a recent series of cryptocurrency hacking incidents, attackers frequently manipulated interfaces to induce management personnel to mistakenly authorize malicious transfers. Of the 75 attacks that have occurred this year, over 80% of the stolen assets originated from so-called infrastructure vulnerabilities, with single-instance losses far exceeding other types of attacks, averaging ten times higher.
It is evident that hacking attacks are gradually showing a clear pattern. If centralized exchanges (CEX) do not timely adjust their response measures in the face of established threats, it will be increasingly unacceptable.
First, it must be made difficult for hackers to view exchanges as "personal piggy banks" that they can access at will; strong security measures must be implemented to completely block various attack paths. At the same time, when hackers attempt to transfer illegal funds through decentralized platforms, relevant systems also urgently need to achieve critical improvements.
Bybit CEO Ben Zhou's frustration was evident when he tried to freeze the stolen ETH in February of this year. Blockchain analysis showed that the funds were split into hundreds of transactions across numerous wallets—$14 billion was divided into countless tiny fragments. In the podcast When Shift Happens, he mentioned that he had tried to contact relevant platforms, but by the time he received a response, the assets had already been transferred elsewhere.
This is precisely why DeFi protocols must intensify their efforts to prevent hackers from exploiting infrastructure. Combining risk intelligence, transaction monitoring, wallet screening, and risk management software can effectively play a role while ensuring that decentralized principles are not compromised.
Some solutions employ 24/7 real-time intelligent monitoring, while others introduce human intelligence to ensure a quick response to emergencies. When combined with a multi-task risk management dashboard tailored for DeFi, these technologies can monitor and screen interactions and transactions, instantly identify suspicious addresses, monitor wallet partitions, and dynamically manage based on real-time risk scores.
This multi-layered defense system can detect malicious behavior within seconds, allowing security teams to identify abnormal activities, collaborate with external intelligence agencies, and decisively take action in complex or uncertain situations, fully leveraging the importance of human judgment. In this way, suspicious wallets and IP connections can be intercepted in a timely manner before any loss of funds occurs.
Healthy competition between exchanges and DeFi protocols is understandable, and users should enjoy diverse choices. However, any platform that suffers an attack should be viewed as a threat affecting the entire industry.
Close collaboration is not merely a public relations stance; it is key to forming a united front to jointly combat hacker activities that threaten the future of the industry. Every security incident undermines user confidence; if hacking incidents continue to occur, regulators may ultimately have to implement restrictive measures, harming law-abiding crypto users and developers alike.
From its inception, DeFi protocols have been open to all users, unlike the regulatory, management, or "law enforcement" mechanisms of centralized solutions. The non-custodial model means that DeFi developers cannot freeze illegal funds flowing through their platforms. Since legislators may not fully understand how DeFi platforms operate, developers are often blamed for the actions of others, even if the related transactions were not their doing.
Recent cryptocurrency hacking incidents should serve as a wake-up call for the industry. Responsible DeFi developers urgently need to work together to establish governance and security models that match technological developments. Thoughtful protocol design, layered defense systems, and ongoing security audits are expected to make crypto hacking attacks unprofitable for opportunists.
A deeper reality is that if the crypto industry cannot achieve self-regulation, it may become one of the strongest arguments against free markets.
Although traditional finance (TradFi) has its flaws, it operates under clear rules set and enforced by regulatory agencies, and this central planning has played a role in buffering systemic risks and crime. DeFi prides itself on eliminating intermediaries and embracing pure market mechanisms. However, reality has repeatedly proven that without the most basic coordination or safeguards, absolute freedom is also difficult to sustain.
The ideal state may not be a 100% free market, but rather 85% freedom, plus a 15% programmable rule layer to maintain security, prevent abuse, and promote trust. This is not a simple replication of TradFi's bureaucracy, but a choice to provide automated, transparent, and minimally invasive standards for anti-money laundering, fraud detection, and risk attribution.
This should be seen as a protocol-level safeguard rather than top-down control: an intelligent, modular hierarchy that can maintain the openness of DeFi while ensuring accountability. These standards can be community-driven, open-source, and directly embedded in protocols, decentralized applications, and interaction interfaces—through collective collaboration, systemic risks can be reduced without sacrificing the core characteristics of decentralization.
The growth of DeFi does not need to replicate TradFi, but unrestrained freedom will only lead to chaos. The goal is not to limit innovation, but to safeguard it through common standards, ethical design, and resilience, ensuring its sustainable development.
Admittedly, this requires time, investment, and experimentation with tolerance for failure. But in the long run, the rewards will be substantial.
Author: Orest Gavryliak, Chief Legal Officer of 1inch Labs.
Original: “Cryptocurrency Hacks Are a Wake-Up Call for DeFi”
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
