Security is something I have been dealing with for the past 15–17 years. No matter how much you know, there will always be someone smarter, faster, or stronger. Yet, there is a set of rules and principles that should never be violated.
The Bybit experience was particularly illustrative for me because the exchange's employees neglected all major security approaches—from fundamental and abstract principles to concrete, detailed measures.
Thus, I will analyze several key aspects based on this hack.
Years ago, I formulated this principle for myself: "Any system can be hacked. The only question is time, money, and effort." If hacking your system yields $1M while costing the attacker only $10K, the system will definitely be hacked. However, if hacking requires $1.1M, then the question becomes: why bother? Unless, of course, the motive is to harm a competitor or conduct a state-sponsored cyberattack.
This principle was precisely what Bybit's employees violated. According to initial interviews, they believed their system was invulnerable. But the $1.4B price tag changed everything.
Wherever you work, you must understand that anything can be hacked, at any time and in any way. The only variables are money, time, and effort. Knowing this, let's move forward…
Yes and no. Hardware wallets have always been attacked—Ledger and Trezor are prime examples. Other brands fare even worse.
However, you can mitigate risks and reduce negative impacts when using hardware/multisig wallets.
Here are some recommendations compiled from researchers and personal experience:
These precautions are just a start. Now, let’s compare them with lessons learned from the Radiant hack:
Did Bybit implement any of these? According to available data—no.
Phishing, social engineering, and spam account for 80% of cyberattacks. The Bybit and Radiant cases prove this clearly.
To mitigate risks, implement role separation:
Again, public data does not confirm that Bybit followed any of these steps.
Many experts have weighed in on this hack. Here are some key perspectives:
The key takeaway? While the attack appeared highly technical, it ultimately succeeded due to human error rather than technological vulnerabilities.
Therefore, I highly recommend studying the Radiant and WazirX cases as well. It’s clear that script kiddies are adopting these techniques, meaning that not only exchanges but a wider range of crypto projects will be targeted next.
Stay safe!