Bybit’s recent security breach has sent shockwaves through the crypto industry, highlighting vulnerabilities in multi-sig cold storage solutions and emphasizing the need for more sophisticated security measures. The breach, attributed to a sophisticated exploit manipulating call data and swapping Safe’s implementation for a backdoored version, resulted in over $1.4 billion in losses.
Experts from Ledger CEO Pascal Gauthier, Fireblocks, and Binance co-founder Changpeng Zhao (CZ) have provided crucial insights into how this could potentially have been prevented and what steps exchanges must take to secure digital assets. CZ pointed out that North Korea’s Lazarus Group, responsible for several major exchange hacks, executed the attack by manipulating the front-end interface to display a legitimate transaction while signing a different, malicious transaction behind the scenes.
To prevent similar breaches in the future, industry experts recommend improving transaction transparency and reducing blind signing. Pascal Gauthier emphasized that Clear Signing—a method ensuring users can fully verify transaction details before signing—must be widely adopted to mitigate these risks. Fireblocks also supports enhanced transaction visibility through its DeFi threat detection and real-time monitoring.
Moreover, CZ and Fireblocks suggest that exchanges should rethink multi-sig solutions and move towards Distributed Multi-Party Computation (MPC) wallets, which offer superior signing security by distributing key fragments rather than relying on multiple signature providers. This method reduces the risk of any single compromised key leading to a breach.
The incident also highlights the importance of enterprise governance and approval flows, including multi-level transaction approvals, whitelisting of approved wallet addresses, and hardware-based verification. Industry leaders stress that enterprises must strengthen security with B2B custody solutions designed for institutional needs.
In addition, adopting off-exchange trading solutions can reduce reliance on exchange-controlled wallets and minimize exposure to counterparty risk in the event of an exchange breach. Fireblocks’ Off Exchange Settlement model eliminates this risk, while Ledger offers Tradelink, a solution that minimizes exposure while enabling liquidity.
Bybit’s CEO, Ben Zhou, demonstrated strong crisis management by pausing withdrawals, conducting a thorough investigation, and working with security teams to understand the breach. This quick response likely prevented even greater losses and helped restore some community trust. Exchanges must use this time to assess attack vectors, verify which systems were compromised, and implement additional safeguards before resuming normal operations.
The Bybit hack underscores the importance of self-custody and proper security practices for individual users. To protect yourself, consider using wallets with clear transaction visibility, verifying every transaction before approval, diversifying custody solutions, staying informed about security best practices, managing backups properly, and storing seed phrases securely in offline locations.
Ultimately, the crypto industry must prioritize transaction transparency, shift from traditional multi-sig solutions to more secure architectures like MPC, strengthen governance frameworks, enhance exchange security through off-exchange trading models, and adopt strong leadership in crisis situations. If the right lessons are learned, the industry can build a more secure and resilient future.
Source: https://www.forbes.com/sites/digital-assets/2025/02/22/breaking-could-bybits-14b-hack-have-been-stopped-ledger-cz-react