“`html
Viewpoint by: Orest Gavryliak, chief legal officer, 1inch Labs
The Bybit breach in February shattered the record for the largest hack in cryptocurrency history. More than $1.4 billion was misappropriated by North Korean cybercriminals in an instant, with the audacious operation making news headlines globally.
Currently, as TRM Labs reveals, $2.1 billion worth of crypto has been lost to attacks in the initial half of 2025. This is an astronomical figure, and still, the hacks appear poised to persist.
While significant focus was directed at these brazen thefts, there hasn’t been sufficient examination of how these hackers succeeded in laundering the cryptocurrency assets. Centralized exchanges (CEXs) and DeFi protocols have lessons to glean from these catastrophic events — for different purposes.
CEXs need to adapt
For the trading platforms relied upon by millions of users globally, profound modifications must be implemented in transaction signing protocols. Relying on a user interface summary is no longer adequate; instead, it’s vital to manually decode call data. Only then can executives be certain that funds transferring from a cold wallet will arrive at their intended locations.
Other pioneering solutions encompass “intelligent co-signers” that verify the transaction and the signatures. This guarantees that suspicious requests are automatically denied, even if all required approvals are in place.
Transactions can now be simulated before signatures are executed, coupled with real-time threat intelligence that identifies high-risk call data. Transitioning to multi-party computation — where private keys are divided into multiple fragments and never fully reconstructed — can serve as a compelling substitute for smart contracts.
In recent cryptocurrency hacks, interfaces were exploited. Malicious actors deceived executives into unintentionally sanctioning harmful transactions. Over 80% of crypto pilfered across 75 hacks thus far this year was taken in what are termed infrastructure exploits, which, on average, secured 10 times more than other attack types.
It’s clear that a pattern is establishing itself, and it’s unacceptable for CEXs not to evolve in response to this recognized threat.
DeFi must resist hackers
The initial step is to make it exceedingly challenging for hackers to regard exchanges as their personal piggy banks, with robust defenses that eliminate attack avenues. In the subsequent phase of the hackers’ journey, when they try to transfer illicit funds through decentralized platforms, significant enhancements also need to be made.
Bybit CEO Ben Zhou’s exasperation was evident when he sought to freeze the substantial amounts of ETH taken from his platform in February. Blockchain analytics indicated that the funds were dispersed across numerous wallets in hundreds of transactions — fragmenting the $1.4 billion into countless tiny pieces. On the When Shift Happens podcast, he related his attempts to contact the platforms where the crypto had been transferred, but by the time he received a reply, the funds had been moved elsewhere.
This is why DeFi protocols must intensify efforts to inhibit hackers from exploiting their infrastructure. A combination of risk intelligence, transaction monitoring, wallet screening, and risk management software can all play a part here — without sacrificing decentralization.
Related: Crypto seed phrase, front-end hacks drive record losses in 2025: TRM Labs
Some solutions employ 24/7 real-time intelligence, while others also integrate human-based intelligence to swiftly respond to incidents as they arise. When combined with an advanced, multitasking risk management dashboard designed for DeFi, this technology can scrutinize interactions and transactions against blocked addresses, assign wallets to monitoring zones, and apply real-time risk scoring for addresses.
This multi-layered strategy allows for rapid identification of malicious activity, empowering security teams to decipher behavioral anomalies, collaborate with external intelligence providers, and take prompt action in intricate or ambiguous situations where human judgment is crucial. Suspicious wallets and IP connections can be blocked before funds are lost.
There’s nothing undesirable about healthy competition among exchanges and DeFi protocols. Customers deserve variety. A hack against one platform must, however, be regarded as an assault against all.
Close cooperation isn’t merely an exercise in public relations; it’s a chance to create a united stand against thieves who threaten this industry’s future. Every hack undermines consumer confidence, and if they persist, regulators may have no choice but to enforce measures that also punish law-abiding crypto users and developers.
Self-regulation is the way forward
By design, DeFi protocols are accessible to all users and do not supervise, manage, or “police” like a centralized alternative would. A non-custodial approach means DeFi developers cannot freeze illicit funds traversing their platform. Legislators may not fully understand how DeFi platforms function, which leads to developers often being blamed for other people’s actions, even if they weren’t personally accountable for these transactions.
Recent crypto hacks should act as a wake-up call. Accountable DeFi developers must unite to formulate robust governance and security models that keep pace with technological advancements. Thoughtful protocol design, layered defense systems, and continual security evaluations hold the potential to render crypto hacks no longer appealing to opportunistic criminals.
The deeper truth is evident. If crypto fails to self-regulate, it could become one of the most persuasive counterarguments against the free market itself.
Despite its flaws, traditional finance (TradFi) operates under a defined set of enforced regulations instituted by regulators — a form of central planning that serves as a buffer against systemic risk and crime. DeFi, in contrast, takes pride in removing intermediaries and embracing pure market dynamics. Ongoing events demonstrate that absolute freedom may not be viable without even a minimal layer of coordination or protections.
Perhaps the ideal is not a 100% free market but an 85% one, where the remaining 15% acts as a programmable rule layer aimed at securing safety, preventing misuse, and fostering trust. Not to replicate TradFi’s red tape, but to establish automated, transparent, and minimally invasive standards for areas like Anti-Money Laundering, fraud detection, and risk attribution.
Envision it not as top-down regulation but as protocol-level guardrails: intelligent, modular layers that allow DeFi to maintain openness while ensuring accountability. These could be community-driven, open-source standards integrated directly into protocols, decentralized applications, and interfaces — a collective initiative to mitigate systemic risks without compromising decentralization.
DeFi doesn’t need to imitate TradFi to mature, but freedom without accountability may invite disorder. The objective isn’t to limit innovation but to future-proof it through shared standards, ethical design, and resilience.
Yes, it will take time. Yes, it will require investment. And yes, it will necessitate experimentation and a few missteps. However, in the long run, the returns will be significant.
Viewpoint by: Orest Gavryliak, chief legal officer, 1inch Labs.
This article is for general information purposes and is not intended to be and should not be interpreted as legal or investment advice. The views, thoughts, and opinions expressed herein are solely those of the author and do not necessarily reflect or represent the views and opinions of Cointelegraph.
Source link
“`
