The largest crypto hack to date–was it preventable?

6 ways Bybit and others can significantly benefit from a decentralization and smart contracts strategy.

By Jay Biancamano
Head of Tokenization & Digital Assets, Platonic

Bybit, a centralized exchange based in Dubai, lost over $1.4 billion in Ethereum and related tokens on February 21, 2025. It was the largest crypto heist in history (so far). It’s likely that Bybit uses a “safe wallet” backed by a smart contract that requires multiple signatures to transfer assets from a “cold wallet” (offline storage) to a “warm wallet” (software-based wallet) for operational tasks like exchange settlements.

The hack didn’t target Bybit’s safe wallet directly but instead seems to have exploited human error. The UI, which the signers used to view and approve transactions, was most likely spoofed to show a legitimate-looking transfer. In reality, the transaction’s raw data was altered, replacing the intended destination wallet with the hacker’s address. The signers believed they were authorizing a transfer to the correct wallet, but they had in fact signed over assets to the hacker.

A safe multi-sig wallet smart contract processes any signed transaction that meets the necessary threshold (e.g., 3 out of 5 signatures). It doesn’t have the ability to verify the authenticity of the destination wallet address, which means it’s vulnerable to this type of attack.
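Since the contract cannot judge the destination, a signer can check it independently of the approval UI before signing. The sketch below is an added example, not code from Bybit or any wallet vendor: it decodes the raw transaction fields itself, compares the real recipient with an allowlist and with what the UI displayed, and refuses anything it cannot decode. The allowlist, the addresses and the function names are constructed for illustration; only plain ETH transfers and the standard ERC-20 `transfer(address,uint256)` call are handled.

```python
# Added example: independent pre-signing check. All addresses are constructed.
ERC20_TRANSFER = bytes.fromhex("a9059cbb")  # selector of transfer(address,uint256)

# Hypothetical allowlist of the exchange's own warm wallets (constructed value).
APPROVED_DESTINATIONS = {"0x" + "11" * 20}


def decode_effect(to: str, value: int, data: bytes) -> dict:
    """Return who actually receives what, derived only from the raw fields."""
    if not data:  # plain ETH transfer: `to` is the recipient
        return {"asset": "ETH", "recipient": to.lower(), "amount": value}
    if data[:4] == ERC20_TRANSFER and len(data) == 4 + 64 and value == 0:
        if any(data[4:16]):  # address word must be left-padded with zeros
            raise ValueError("malformed address word")
        return {"asset": to.lower(), "recipient": "0x" + data[16:36].hex(),
                "amount": int.from_bytes(data[36:68], "big")}
    raise ValueError("calldata is not a transfer this checker understands")


def safe_to_sign(raw: dict, displayed: dict) -> tuple[bool, str]:
    """Compare the UI's claim with the decoded raw transaction, failing closed."""
    try:
        effect = decode_effect(raw["to"], raw["value"], raw["data"])
    except ValueError as exc:
        return False, f"refuse: {exc}"
    if effect["recipient"] not in APPROVED_DESTINATIONS:
        return False, f"refuse: recipient {effect['recipient']} not on allowlist"
    shown = (displayed["recipient"].lower(), displayed["amount"])
    if (effect["recipient"], effect["amount"]) != shown:
        return False, "refuse: raw transaction differs from what the UI displayed"
    return True, "ok"


def erc20_transfer(recipient: str, amount: int) -> bytes:
    """Build transfer(address,uint256) calldata for the constructed samples."""
    return (ERC20_TRANSFER + bytes(12) + bytes.fromhex(recipient[2:])
            + amount.to_bytes(32, "big"))


TOKEN = "0x" + "aa" * 20   # constructed token contract address
WARM = "0x" + "11" * 20    # constructed approved warm wallet
OTHER = "0x" + "99" * 20   # constructed address that is not on the allowlist
SHOWN = {"recipient": WARM, "amount": 500}  # what the signing UI displays

if __name__ == "__main__":
    for dest in (WARM, OTHER):
        raw = {"to": TOKEN, "value": 0, "data": erc20_transfer(dest, 500)}
        print(dest, safe_to_sign(raw, SHOWN))
```

The check is only useful if it runs on a device and code path separate from the UI being verified, which is the point of giving signers different user interfaces.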

Decentralization: A key to crypto security and preventing these types of hacks

Improving decentralization and adding runtime checks and validations in smart contracts can help prevent the type of hack experienced by Bybit. Here’s how decentralization and smart contract automation can help:

  1. Distributed Control of Assets. In centralized exchanges, funds are typically stored in a few large wallets controlled by the platform. If hackers gain access to a key, they can access all the funds. By decentralizing control with multi-signature wallets, even if one key is compromised, attackers still need more signatures to complete a transfer. However, a hacker can still manipulate the human signers. Increasing the signer pool, using different user interfaces, and requiring hardware wallets for some signers can mitigate this risk.
  2. Decentralized Identity and Access Management. Centralized systems often rely on one point of failure for identity verification. A successful breach of the exchange’s server can let a hacker manipulate the system. By using decentralized identity verification, where users control their keys, hackers face more challenges in exploiting a single weak point.
  3. Blockchain for Transparency. Bybit and similar platforms depend on centralized databases that can be manipulated if breached. Blockchain offers transparency, as once a transaction is recorded, it can’t be altered without changing the entire chain. This makes it harder for hackers to tamper with or steal data.
  4. Smart Contract Audits and Automation. In DeFi, smart contracts are governed by automated code, offering more transparency than centralized systems. Bybit and others can reduce the risk of hacks by using decentralized protocols and smart contracts for operations like withdrawals, trading, and order matching. These protocols are often subject to thorough community-driven audits for added security.
  5. Reduced Attack Surface. Centralized systems like Bybit have a large attack surface—if hackers target one part of the system, they can potentially access everything. A decentralized approach spreads risk across multiple nodes, making it harder for hackers to exploit a single vulnerability.
  6. Distributed Data Storage. Centralized systems store sensitive data in one place, which can be exploited if compromised. Decentralizing data storage across multiple nodes or using blockchain networks makes it much harder for attackers to steal data or funds.

Conclusion

Decentralization offers a more secure, transparent way of handling assets, access control, and data. By decentralizing key elements—like control over funds, identity verification, and transaction processing—Bybit and other similar cryptocurrency exchanges can make it significantly harder for attackers to exploit a single vulnerability.