Hacken CEO sees ‘no shift’ in crypto security as April hacks hit $357M
Despite the $1.4 billion lost in the recent Bybit hack, crypto companies have not changed their approach to cybersecurity, according to Hacken CEO Dyma Budorin.
In an interview at the Token2049 event in Dubai, Budorin said the industry continues to rely on limited measures such as bug bounties and penetration tests, rather than implementing comprehensive, layered security strategies:
“Most of the projects think, ‘Okay, we did pentests. That’s enough. Maybe bug bounty. That’s enough.’ It’s not enough.”
He said that crypto companies must go beyond these isolated security measures and adopt more layered approaches similar to those of traditional industries. These include supply-chain security, operational security and blockchain-specific security assessments.
“In big Web2 companies, this is mandatory,” Budorin added.
While crypto security approaches remained the same, post-hack security approaches shifted slightly. Budorin said there were some improvements in the crypto space’s post-hack security responses.
“Maybe a little shift from a post-hack approach,” Budorin told Cointelegraph, citing how security firm Chainalysis introduced near real-time blacklisting of stolen funds. He said this small improvement is a step toward progress in crypto security.
“This is great because, previously, Chainalysis was blacklisting within three days when the funds were moving. And this is obviously nothing because hackers had enough time to launder, through exchanges, the stolen money,” Budorin said.
On Feb. 21, the Bybit hack saw $1.4 billion in crypto stolen through a safe wallet vulnerability. This became the largest crypto hack in history. After the hack, the malicious actors laundered 100% of the stolen money in just 10 days.
While faster blacklisting is a step forward, it still doesn’t address the deeper structural risks. “But in terms of the practice, cybersecurity, nothing changed,”