With the widespread application of blockchain technology and crypto assets, security issues have increasingly become the focus of the market and regulation. In the first half of 2025, several major security incidents exposed the vulnerabilities in the core structure of the current ecosystem, prompting the industry to strengthen regulation, technical protection, and compliance standards.

ByBit Major Theft Incident Research reports indicate that the amount stolen from cryptocurrency services in the first half of this year has reached approximately $2.17 billion, exceeding the total for the entire year of 2024, with ByBit's $1.5 billion theft incident at the forefront. Such incidents are typically triggered by vulnerabilities in wallet signature tools, improper transfer processes between cold wallets and "hot wallets," among other factors.

API Vulnerabilities and Insufficient Access Control Security research shows that access control vulnerabilities are a major cause of stolen assets in the first half of 2025, accounting for about 60% of recorded losses. Additionally, new AI-driven attacks such as phishing and malicious prompt injections are on the rise.

Exchange Hot Wallet and Supply Chain Security Issues For example, the hot wallet of the exchange BigONE suffered a security attack, resulting in a loss of approximately $27 million. This attack was identified as a supply chain attack, where the attacker exploited vulnerabilities in server logic and production networks for unauthorized withdrawals. Although private keys and cold storage were not compromised, the operational processes of the hot wallet and the security of the infrastructure were severely questioned.

Lagging Infrastructure Protection: Key components such as hot wallets, API interfaces, and signature tools still have significant security gaps, and operational and security processes have not kept pace with the rapid expansion of the ecosystem.

Upgraded Attack Techniques: New technologies such as AI-driven social engineering attacks and deep forgery are being used for fraud, making it difficult to completely prevent such attacks with traditional protective measures.

Unclear Regulation and Responsibility: The disclosure time and compensation efforts of exchanges or service providers after security incidents vary, leading to a loss of user trust. There is a lack of unified international standards for the boundaries of responsibility and security standards between cold wallets and hot wallets.

Strengthening Security Standards and Audit Mechanisms Several blockchain security companies and analytical institutions suggest establishing a more transparent audit system for exchanges and wallet providers, including third-party security audits, white-hat vulnerability bounty programs, and standards for isolating hot and cold wallets.

Zero Trust Architecture and Access Control Upgrades The fintech industry is exploring the introduction of a zero-trust security model into the blockchain/smart contract ecosystem to ensure that all access requests require verification, with multiple permission controls to reduce the possibility of internal or external abuse of privileges.

Enhancing Inter-Agency Cooperation and Intelligence Sharing Blockchain security incidents are often cross-national and cross-platform, with complex flows of attacker funds. By collaborating between the public and private sectors, sharing blacklists/risk addresses, and implementing real-time alert systems, the speed of detection and response can be improved.

User Trust Fluctuations: Frequent security incidents may lead to a decline in confidence among investors and ordinary users in exchanges or wallet service providers, thereby affecting platform deposits and activity levels.

Rising Demand for Insurance and Audit Services: As the amount of stolen assets remains high, insurance companies and security audit firms will become important service providers, expanding cooperation opportunities with the crypto industry.

Tighter Regulatory Policies: Regulatory agencies in multiple countries may introduce stricter regulations targeting key areas such as hot wallets, asset custody, and cross-chain bridges, imposing penalties or mandatory standards to raise compliance thresholds.

The blockchain security situation in the first half of 2025 is severe, with hacker attacks, hot wallet leaks, access control defects, supply chain vulnerabilities, and AI-driven fraud intertwining, posing significant risks to the industry. Market participants should prioritize the construction of security infrastructure, accelerate the introduction of mature mechanisms and standards, and both regulation and the industry should jointly promote transparency and accountability mechanisms. Only in this way can the blockchain ecosystem solidify user trust amid rapid development and move towards a sustainable future.

Related: Bitcoin (BTC) Analyst Predicts: After the Ninth Bullish RSI Signal is Triggered, a 35% Surge May Follow

Original: “Blockchain Security Risk Escalation: Frequent Hacker Attacks and Industry Responses”

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。