
Bybit crypto heist: Five key lessons to prevent a repeat
Dubai-based cryptocurrency exchange Bybit was the victim of what is being widely reported as the single largest digital theft in history. Hackers extracted approximately $1.5bn (£1.2bn) from an Ethereum wallet and transferred the contents to a new, unlocatable address.
The platform has assured users of its liquidity—despite a significant increase in the volume of withdrawals in the wake of the breach—promising refunds to all affected users even if the stolen money is not recovered.
According to Osama Bari, Chief Technology Officer at D24 Fintech Group, exchanges that comply with a core set of rules will drastically reduce their chances of suffering a similar breach.
1. Multi-party approval systems
The Bybit security breach was primarily caused by vulnerabilities in multi-signature authorization and UI spoofing tactics, where attackers manipulated the interface to display different addresses.
Bari said: 'Even experienced professionals might overlook such discrepancies without a thorough investigation. Typically, such issues often go unnoticed during routine exchange operations.
'To mitigate such risks, exchanges should implement a threshold-based, multi-party approval system for all transactions. Additionally, secure platforms require real-time monitoring systems to analyze deposits and withdrawals, with automated cross-checks for unusual spikes. If required, large transactions must be manually verified with a comprehensive report. Each withdrawal should undergo a transaction audit score assessment before being processed.'
2. Ensure two-factor authentication is in place
Two-factor authentication (2FA) is a security method that requires a second form of identification to access any account information or funds.
Bari: '2FA is no new phenomenon, but its importance as a tool for verifying users and ensuring only the right personnel can manage and withdraw balances or view confidential information cannot be understated.
'This is a basic form of protection that exchanges should absolutely be offering to their customers and can be a vital deterrent for hackers as it increases the difficulty of breaching gated accounts. All financial providers have a duty to protect their users and 2FA is a guaranteed way of raising the level of in-built security they provide.'
3. Custodians are valuable third parties
Custodians safeguard assets for fellow financial institutions to reduce the risk of loss, theft, or damage.
Bari continued: 'Exchanges should not underestimate the level of responsibility that comes with holding considerable volumes of assets on behalf of customers. Failure to put the appropriate measures in place to protect these funds, as we've just seen with the Bybit hack, could result in disastrous consequences for both the company attacked and the users impacted.
'Turning to external organizations to bolster security is a viable option for exchanges that lack the infrastructure and liquidity to manage millions, or even billions, worth of currency. Partnering with a trusted custodian will ensure that customer investments stay safe, allowing exchanges to focus on other important activities such as enhancing user experience and increasing the financial literacy of their customers.'
4. Perform a liveness check
A liveness check verifies a user's identity through a biometric measure, for example, their face or fingerprint. 40% of banks have implemented this precaution to tackle fraud, up from 26% five years ago.
Bari: 'For crypto exchanges, and financial institutions more generally, a liveness check adds that final layer of protection to dissuade hackers from attempting an attack. Having access to passwords, secure keys, or even primary devices is no longer enough to successfully bypass security measures—customers are protected as their face, fingerprints, and even voices are all unique.'
5. Make security CEXy
Centralized cryptocurrency exchanges (CEXs) are regulated intermediaries that facilitate the trading of fiat and digital currencies.
Bari concluded: 'A pivotal element of cryptocurrency's appeal throughout its history has been its decentralized nature, with many early adopters drawn to this form of tender by its anonymity. However, as crypto has become increasingly mainstream and a viable investment for individuals globally, it's important to reshape our thinking and start putting security at the top of the list of priorities.
'Due to Bybit's centralized approach, the exchange was able to freeze $42.85 million in stolen assets within 48 hours through collaborations with other platforms. This highlights the increased resilience of CEXs and how trusted partnerships with other organizations in the crypto field can limit the damage inflicted in a hack.'
Copyright © 2022 AfricaBusiness.com - All materials can be used freely, indicating the origin AfricaBusiness.com Provided by SyndiGate Media Inc. (Syndigate.info).

Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles


Khaleej Times
4 hours ago
- Khaleej Times
Some Dubai chocolate sold in UK may contain banned ingredients, says regulator
Some Dubai style chocolate being sold in the UK retail market may not meet the country's criteria and may contain banned additives or colouring agents, the British regulator Food Standards Agency (FSA) said on Thursday. However, the authority said that 'most Dubai-style chocolate available in the UK are 'safe' to consume for the British consumers. It advised consumers that some products imported under the Dubai chocolate brand from other countries may have banned ingredients, asking consumers to report it to authorities. Dubai chocolate has gone viral globally and companies in some other countries are also producing similar kinds of products. Made popular on TikTok, people have queued for hours to buy chocolate bars in Germany. The chocolate is filled with pistachios and crispy shredded filo pastry, costing around 25 euros in Germany. Earlier this year, a German court asked a supermarket not to sell a product as 'Dubai chocolate', saying the confectionary should be marked with Dubai brand only if it originated from the emirate. Earlier this year, German authorities confiscated 90kg of luxury Dubai chocolate from a woman at Hamburg airport that was subject to hundreds of euros in import duties. 'The vast majority of food in the UK is safe, but some imported Dubai-style chocolate products don't meet our standards and could be a food safety risk, especially for consumers with allergies. If you are looking to buy Dubai-style chocolate, we advise sticking with trusted retailers, like the ones you'd use for your weekly shop, as products are more likely to be made for UK consumers and so are safe to eat,' said Professor Robin May, chief scientific advisor to the FSA. 'As it's difficult for consumers to tell the difference between products made for the UK and those that aren't if you have a food allergy or intolerance, we advise that you do not buy the product unless you're certain it's intended for sale here. UK law requires food labels to highlight any of 14 allergens present in the product, but some imported products may not do this,' he said. The regulator said it is working with local authorities and has identified a number of products that pose a health risk to consumers with allergies. 'Some of these products may also contain additives and colours which aren't allowed on the UK market.' An advisory for consumers in the UK by the regulator said some imported Dubai-style chocolate products may not be intended for sale in the UK and could lack a full ingredients list or allergen labelling. By law, it said, labels must list all ingredients and clearly highlight any of the 14 regulated allergens. 'Products that should not have been imported for sale may not meet the UK's high food safety standards.' The British regulator said it is now studying these products and is working with allergy charities to help raise awareness of the risk with consumers. The FSA pointed out that the food products made to UK standards should have labels in English containing the name of the food (e.g. milk chocolate with pistachio paste filling); a list of ingredients, with allergens emphasised; the weight in grams; expiry date; and the name and address of the UK or EU business. If the food is not from the UK or EU, the name and address of the importer must be included.


UAE Moments
4 hours ago
- UAE Moments
Huda Kattan Is Donating AED 1 Million — You Pick the Cause
Huda Kattan just dropped two major announcements — and both are setting the internet on fire. First up: Huda Beauty is officially 100% independent. Second? To mark the milestone and celebrate Eid Al Adha, the Dubai-based entrepreneur is giving away AED 1 million — and she wants YOU to help decide where it goes. Read More: Huda Kattan Reclaims Full Ownership of Huda Beauty From full independence to full impact After buying back the remaining shares of Huda Beauty, Huda is now fully self-funded and family-owned. But instead of making it all about the business win, she's choosing to shift the spotlight to something bigger — giving back. Fans get a say in the AED 1M donation In a bold move that's turning heads, Huda is crowdsourcing the cause. She invited her followers to drop suggestions in the comments, turning her feed into a heartwarming stream of charity recs, personal stories, and powerful community-driven ideas. Thousands have already joined in. Huda's always put her platform to work This isn't a PR stunt. Huda has long been known for putting her money — and voice — where her heart is. Over the past two years, she's donated over $1.5 million to humanitarian causes in Palestine, Lebanon, and Gaza, supporting organizations like Doctors Without Borders and Human Appeal. She's also stayed unapologetically vocal about injustice — even when it meant taking risks. From social media backlash to industry pushback, she's never backed down. Real power, real people This time, the AED 1 million donation isn't just generous — it's interactive. It's a social media moment turned movement. Fans are cheering her on, nominating grassroots orgs, international NGOs, and local causes that rarely get mainstream shine. So what's next? Huda hasn't revealed the chosen cause just yet, but if her track record's anything to go by, it'll be bold, heartfelt, and game-changing. And the message is clear: this isn't just a beauty empire — it's a platform for good. Read More: The Beauty Mogul Huda Kattan Launches her Own Podcast


Tahawul Tech
4 hours ago
- Tahawul Tech
NTT DATA launches AI powered software defined infrastructure services for Cisco
Reimagined Software Defined Infrastructure services enhance optimisation, reduce costs and accelerate transformation in the era of AI Dubai — NTT DATA, a global leader in digital business and technology services, is marking a major milestone in its 30-year collaboration with Cisco by launching AI powered Software Defined Infrastructure services (SDI) for Cisco's infrastructure and software products. This latest evolution reinforces the companies' longstanding partnership, aimed at helping organisations modernise IT infrastructure and accelerate digital transformation. 'With AI-powered SDI services, we're leveraging our strategic vision to provide organisations with proactive, intelligent automation, helping them navigate the complexities of hardware and software alignment to business,' said Aditya Afzulpurkar, Senior Vice President, Technology Solutions, NTT DATA, Inc. 'We are proud of the evolution of our partnership with Cisco as both companies go beyond traditional services to help clients solve real business challenges in the era of AI.' Meeting an urgent market need Modern infrastructure requires a non-traditional approach. According to NTT DATA's 2024 GenAI research, 80% of organizations agree that inadequate or outdated technology is holding back organisational progress and innovation efforts. In fact, 94% of C-suite executives believe legacy infrastructure is greatly hindering their business agility. AI infrastructure investments are a critical part of organizations' ability to modernise and companies know the clock is ticking, yet only 13% are ready to leverage AI and AI-powered technologies to their full potential, according to Cisco's 2024 AI Readiness Index. 'As businesses navigate increasingly complex technology lifecycles, they need partners who combine automation, intelligence, and measurable results,' said Leslie Rosenberg, Research Vice President, Network Lifecycle and Infrastructure Services, IDC. 'SDI services deliver on all three, redefining the way enterprises manage IT infrastructure.' NTT DATA's SDI services for Cisco products deliver intelligent automation and real-time insights to optimize infrastructure, reduce costs and drive business outcomes. NTT DATA has invested significantly in AI capabilities to provide clients with assured outcomes, asset management and more. 'For over 30 years, NTT DATA and Cisco have collaborated in delivering innovation and accelerating customer success,' said Shannon Leininger, Vice President, Global Partner Sales at Cisco. 'NTT DATA will now also provide AI-powered digital infrastructure services to enable future-proofed workplaces and AI ready data centers — bringing together networking and security to empower organizations with a modern digital infrastructure for the AI era.' Key Capabilities of NTT DATA's AI-Powered SDI Services Outcomes-Based Shared Success Plans: clearly outlined goals, identification of risks and rewards, and ensuring accountability. AI-Powered Service Reliability: smart technology that helps keep systems running smoothly, reducing unexpected breakdowns, and ensuring reliability. AI-Driven License Management: advanced tracking and analysis to prevent costly software issues, optimize resources, and eliminate unnecessary expenses. Business Focused Technology: Every tech investment is guided by strategies that prioritize client satisfaction, innovation, security, and align with IT services. Seamless Digital Access: a user-friendly, digital-first interface including a mobile application to provide instant updates on requests, risks, licenses, and helpful AI insights. Advancing Three Decades of Collaboration NTT DATA is Cisco's only Gold partner across 34 countries, earning 40 awards at Cisco's 2024 Partner Summit, including three global partner of the year awards. Their collaboration has supported over 4,000 enterprises worldwide, providing lifecycle services to enhance business agility. With over 14,000 technical experts in 50+ countries, they deliver solutions ranging from small branch networks to global enterprise infrastructures, including private 5G. Proven Success and Live Showcase NTT DATA's AI-powered SDI services are available globally. Attendees can experience this innovation firsthand at Cisco Live Americas 2025 on June 9, 2025, where NTT DATA will showcase how AI-powered infrastructure management is revolutionising IT.