Bybit crypto heist: Five key lessons to prevent a repeat
The platform has assured users of its liquidity—despite a significant increase in the volume of withdrawals in the wake of the breach—promising refunds to all affected users even if the stolen money is not recovered.
According to Osama Bari, Chief Technology Officer at D24 Fintech Group, exchanges that comply with a core set of rules will drastically reduce their chances of suffering a similar breach.
1. Multi-party approval systems
The Bybit security breach was primarily caused by vulnerabilities in multi-signature authorization and UI spoofing tactics, where attackers manipulated the interface to display different addresses.
Bari said: 'Even experienced professionals might overlook such discrepancies without a thorough investigation. Typically, such issues often go unnoticed during routine exchange operations.
'To mitigate such risks, exchanges should implement a threshold-based, multi-party approval system for all transactions. Additionally, secure platforms require real-time monitoring systems to analyze deposits and withdrawals, with automated cross-checks for unusual spikes. If required, large transactions must be manually verified with a comprehensive report. Each withdrawal should undergo a transaction audit score assessment before being processed.'
2. Ensure two-factor authentication is in place
Two-factor authentication (2FA) is a security method that requires a second form of identification to access any account information or funds.
Bari: '2FA is no new phenomenon, but its importance as a tool for verifying users and ensuring only the right personnel can manage and withdraw balances or view confidential information cannot be understated.
'This is a basic form of protection that exchanges should absolutely be offering to their customers and can be a vital deterrent for hackers as it increases the difficulty of breaching gated accounts. All financial providers have a duty to protect their users and 2FA is a guaranteed way of raising the level of in-built security they provide.'
3. Custodians are valuable third parties
Custodians safeguard assets for fellow financial institutions to reduce the risk of loss, theft, or damage.
Bari continued: 'Exchanges should not underestimate the level of responsibility that comes with holding considerable volumes of assets on behalf of customers. Failure to put the appropriate measures in place to protect these funds, as we've just seen with the Bybit hack, could result in disastrous consequences for both the company attacked and the users impacted.
'Turning to external organizations to bolster security is a viable option for exchanges that lack the infrastructure and liquidity to manage millions, or even billions, worth of currency. Partnering with a trusted custodian will ensure that customer investments stay safe, allowing exchanges to focus on other important activities such as enhancing user experience and increasing the financial literacy of their customers.'
4. Perform a liveness check
A liveness check verifies a user's identity through a biometric measure, for example, their face or fingerprint. 40% of banks have implemented this precaution to tackle fraud, up from 26% five years ago.
Bari: 'For crypto exchanges, and financial institutions more generally, a liveness check adds that final layer of protection to dissuade hackers from attempting an attack. Having access to passwords, secure keys, or even primary devices is no longer enough to successfully bypass security measures—customers are protected as their face, fingerprints, and even voices are all unique.'
5. Make security CEXy
Centralized cryptocurrency exchanges (CEXs) are regulated intermediaries that facilitate the trading of fiat and digital currencies.
Bari concluded: 'A pivotal element of cryptocurrency's appeal throughout its history has been its decentralized nature, with many early adopters drawn to this form of tender by its anonymity. However, as crypto has become increasingly mainstream and a viable investment for individuals globally, it's important to reshape our thinking and start putting security at the top of the list of priorities.
'Due to Bybit's centralized approach, the exchange was able to freeze $42.85 million in stolen assets within 48 hours through collaborations with other platforms. This highlights the increased resilience of CEXs and how trusted partnerships with other organizations in the crypto field can limit the damage inflicted in a hack.'
Copyright © 2022 AfricaBusiness.com - All materials can be used freely, indicating the origin AfricaBusiness.com Provided by SyndiGate Media Inc. (Syndigate.info).
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Khaleej Times
6 hours ago
- Khaleej Times
Dubai: Studio portraits with no photographer; new AI-powered room to ensure privacy
A new photography concept is set to launch in Dubai, aiming to put both the camera and creative control entirely in the user's hands. described by its founders as the UAE's first AI-powered studio for self-photography, will open its flagship location in Al Quoz this September. The startup promises to address privacy and comfort concerns by offering a sealed, sound-insulated room where users can take studio-quality portraits without a photographer present. Inside, a smart mirror and cinema-grade camera powered by Edge AI guides individuals through a self-directed session, with automatic image enhancement and secure delivery via private link. 'There's often discomfort in traditional photo shoots; the setting, the photographer, the pressure to look a certain way,' said Mitia Muravev, founder and CEO of 'We wanted to eliminate that. Our goal is to create a space where people can be themselves and see that reflected back.' The concept, according to the founders, originated from a common observation — that people often reject photographs not because of appearance, but because of discomfort or unease during the session. They believe this challenge is especially pronounced in communities where modesty and privacy are deeply valued. Peter Bondarenko, co-founder and chief product officer, said the system relies on embedded cameras and AI to recognise facial features and skin tones, applying subtle real-time enhancements such as colour correction and skin smoothing without altering natural features. Images are stored in encrypted, user-specific galleries, accessible only via one-time passcodes sent to the user's phone. According to the team, no personal data is stored beyond the gallery access mechanism. The concept was first piloted at the 2024 Arab Media Summit, where, the founders say, hundreds of women queued to try the service. 'Many said it was the first time they truly enjoyed a photo shoot,' Muravev said. Since then, the studio has reportedly served over 4,000 users in soft launches. While the service may attract influencers and professionals seeking headshots, the startup maintains that its core focus is helping everyday users feel more at ease in front of the camera.
Arabian Business
8 hours ago
- Arabian Business
Dubai Duty Free smashes all-time July sales record by nearly 6%
Dubai Duty Free (DDF) broke its all-time sales record in the month of July by nearly six per cent after posting sales of AED638.8 million (US$174 million). Its year-to-date sales of AED4.734 billion (US$1.29 billion) are up 5.86 per cent on the same period last year. The increase is notable given that passenger growth for the same period was less than 3 per cent. Dubai Airports said last month that passenger traffic at DXB, the world's busiest international aviation hub, served 46 million people across 222,000 flights through to the end of June, an increase of 2.3 per cent, despite the disruptions in the region. Dubai Duty Free on a high The previous record for July was AED602.8 million (US$164.1 million) set in 2023. DDF's sales are 9.7 per cent higher than July 2024 sales of AED582.26 million (US$158.6 million). This places July 2025 in ninth place amongst the Top 10 months in Dubai Duty Free's history. The company has achieved sales records in five out of seven months so far this year. Ramesh Cidambi, Managing Director of Dubai Duty Free, commented: 'We are delighted to report another strong sales month in what is already proving to be an exceptional year. 'This outstanding performance reflects the resilience of our retail operation and the continued demand for world-class shopping experiences. Achieving nearly 10 per cent sales growth in a month when we estimate passenger traffic remained relatively flat, is a testament to our team and product offering.' Sweet success Confectionery sales grew an incredible 57 per cent from July last year, and it made it to the Top five categories of DDF. Sales of watches increased 18.4 per cent and Precious Jewellery grew 16.8 per cent, but they still could not make it to the Top five categories, which was occupied by Perfumes, Liquor, Gold, Tobacco and Confectionery. Perfume sales rose by 10.3 per cent over the same month last year, Liquor sales rose by 1.7 per cent, while Tobacco saw a 2.2 per cent increase. Gold sales rose by 15.5 per cent. DDF said July's sales surge was fuelled in part by a growing appetite for iconic luxury brands. The company's CA and CB Fashion Boutiques, home to some of the world's most sought-after luxury labels, grew 11.36 per cent. Flagship brands such as Chanel, Louis Vuitton and Cartier were standout performers, reflecting sustained demand for high-end fashion and accessories at DXB. Cidambi added: 'Given the recent media reports outlining the difficulties facing global luxury brands, we are happy to buck that trend in our luxury Boutiques, where we are seeing continued demand for select brands.' Lure of Rolex DDF's pre-loved luxury boutique, REKLAIM, launched in December 2024, continued to grow. Located in Concourses A, including in the Emirates First Class Lounge, Concourse B and D, REKLAIM offers a curated selection of authenticated pre-owned watches and handbags from top-tier luxury brands. In just over seven months, REKLAIM has generated more than AED14.3 million (US$3.9 million) in sales of which AED1.6 million (US$440,000) was generated in July alone. Rolex was the stand-out performer, with a total of 176 sold since the launch of REKLAIM, with 16 sold in July alone.
The National
8 hours ago
- The National
Sheikh Mohammed trials train from Dubai to Fujairah
Sheikh Mohammed bin Rashid, Vice President and Ruler of Dubai, took to social media to share images of a journey from Dubai to Fujairah on the much anticipated Etihad Rail passenger service. The network, set to start operations next year, will connect 11 cities and regions across the country - and is expected to transport 36 million passengers by 2030. Sheikh Mohammed expressed his pride in the project and in "a country that never stops working, but rather adds a new building block to its future infrastructure every day". Connecting the country Plans for the passenger line were unveiled in 2021. Earlier this year, Etihad Rail said that the first four passenger stations on the UAE-wide line would be in Abu Dhabi, Dubai, Sharjah and Fujairah. The station in Fujairah is in the Sakamkam area and the one in Sharjah close to the airport and University City. While the precise Dubai and Abu Dhabi sites have yet to be revealed, it is believed the Dubai station will be near Jumeirah Golf Estates. It was previously announced that passenger trains are set to travel at 200kph, carrying up to 400 passengers. Travelling from Abu Dhabi to Dubai will take about 57 minutes, while a journey from the capital to Fujairah will take 105 minutes. In January, Etihad Rail announced plans for an electrified high-speed passenger service between Abu Dhabi and Dubai with its own set of stations.
