Insights
Security in Digital Assets: A Perspective In Light of The ByBit Hack
Insights
Security in Digital Assets: A Perspective In Light of The ByBit Hack
The proliferation of digital assets has opened the door to new investment strategies, allocation opportunities, and diversification potential for global investors. Over the last ten years, the sector has transitioned from being the realm of fans of blockchain technology and enthusiastic retail investors to an established asset class worth over $3 trillion, with strong institutional investor presence. While security and custody issues have always been a key topic in traditional finance, the technological characteristics of digital assets have introduced new security threats that investors, governments, and financial institutions had never encountered before.
Since the earliest days of Bitcoin, a prominent issue has remained that of self-custody, where digital asset owners rely on their own private keys and wallets to safeguard their holdings. Issues with forgotten private keys and wallet hardware failures have resulted in an estimated 13% of all Bitcoin, currently worth $200B¹, being permanently lost. With the emergence of centralised exchanges, the custodial threat has shifted to cyberattacks targeting wallets and asset custodians. The frequency and magnitude of these events have put into question the safety for institutional investors of holding large amounts of capital in the form of digital assets.
As the sector has evolved, the nature of these threats has also evolved - and so has the effectiveness of digital asset security and custody solutions to counter them. For professional investors and institutions, security is not just a feature but a necessity, fully underpinning the attractiveness of investment platforms, asset classes, and financial institutions. The recent $1.5 billion² cybertheft from Dubai-based exchange ByBit has been a reminder that the issue is still relevant - and with over 860 million³ people worldwide owning digital assets, perhaps more than ever in 2025.
This article explores key security concerns in digital asset custody, the importance of robust security frameworks, and how Lionsoul ensures a world-class level of digital asset protection for its clients.
Traditional financial institutions have long-established security measures which are globally utilised. These include multi-factor authentication for account access, encryption for sensitive data, and real-time fraud monitoring. More recently, behavioral biometrics and AI-driven anomaly detection have been adopted to prevent unauthorized access and fraudulent transactions. Geofencing and IP tracking are also commonly used to restrict access based on location, while hardware security modules (HSMs) ensure the integrity and security of cryptographic keys.
Beyond institution-based security measures, traditional finance has also benefited from extensive legislation and government-backed investor protection worldwide, ensuring the safety of funds even in cases of systemic failure. Government-mandated deposit insurance programs, such as the Federal Deposit Insurance Corporation (1933)⁴ in the US and the Financial Services Compensation Scheme (FSCS)⁵ in the UK (2001), provide safeguards for bank deposits. Additionally, investor protection laws like the Securities Investor Protection Act (SIPA)⁶ of 1970 in the US, ensure that brokerage customers are covered in the event of firm insolvency. In the EU, the Deposit Guarantee Schemes Directive (DGSD) introduced in 1994 and later strengthened in 2009 ensures that depositors across the Eurozone have a minimum level of protection⁷.
Government-led initiatives have been introduced over decades, often in response to large macroeconomic events and major financial shocks.
Financial institutions, nonetheless, remain prime and frequent targets for cyberattacks. In 2023, 77%⁸ of financial institutions reported detecting cyberattacks within the prior 12-month period, more than any other sector. Over the past two decades, financial institutions experienced over 20,000 cyberattacks that caused more than $12B⁹ in losses according to IMF data. Ransomware attacks on financial services, in particular, have increased to 64%¹⁰ of the total in 2023, almost double the 34% reported in 2021. Overall, cyber incidents in the global financial sector totalled 3,348 in 2023¹¹, up from 721 in 2020, an increase of 364%.
Unsurprisingly, cybersecurity risks are deemed “extremely important” by more than 80% of bankers¹² as the top operational risk, and 70%¹³ of financial institutions acknowledge more resources should be spent on cybersecurity.
Custodial security challenges in digital assets: innovative solutions to counter emerging threats.
In contrast to traditional financial institutions, digital asset exchanges and custodians began to operate in the early 2010s¹⁴. The legal status of digital assets was unclear in most jurisdictions, creating a regulatory grey area. The US Treasury issued its first guidance acknowledging digital assets only in March 2013¹⁵, while in March 2014 the IRS established a tax framework for the category. The Commodity Futures Trading Commission (CFTC) later addressed digital asset derivatives in 2015¹⁶, with additional guidance from the SEC in its DAO Report in 2017.
For what concerns account security, this has remained largely the responsibility of exchanges and investors managing their own private keys and wallets. As centralized exchanges first emerged to facilitate trading, they became the first targets for hackers. With the launch of Ethereum in 2015 and the development of Decentralised Finance (DeFi) apps, new cyberthreats emerged specifically targeting DeFi platforms. The security threats to digital asset custody belong to four primary macro-categories:
As in the traditional financial sector, since 2015 cybertheft has increased in the digital asset market, with $2.2B misappropriated in 2024³⁶ compared to $25M in 2015. The significant growth in relative terms, an increase of 88x, nevertheless lags the growth of overall digital asset valuations during the same period. In December 2015, the total global market capitalization of all digital assets was estimated to be around $8B³⁷, compared to almost $2.6 trillion³⁸ currently - a growth of over 400x. Furthermore, the amount of funds lost to crypto hacks in 2024 remained 40% below the level of 2022, despite the further expansion of the sector.
The targets of cyberattacks are also changing. Statistics show Decentralised Finance (DeFi) protocols, rather than centralised exchanges and platforms, have become the key targets of hacks since 2021. Centralised platforms, which experienced 60%³⁹ of all hacks in 2016, constituted slightly more than 25% of the total in 2023. This is mostly due to improvements in the cybersecurity⁴⁰ of centralised exchanges, as opposed to the complexity and openness of DeFi platforms. In DeFi, digital tokens remain in self-custody with Web3 wallets (MetaMask, Trust Wallet) or in non-custodial Multi-Party Computation (MPC) wallets, and users interact with DeFi apps via smart contract-based transactions. While avoiding the risks inherent to centralised exchanges, DeFi users remain at risk of losing access to private keys and of hackers exploiting smart contract vulnerabilities.
Due to the specific nature of the sector, institutional investors in digital assets require a level of security that matches or exceeds that of traditional financial institutions.
Security remains a key issue in the global adoption and growth of digital asset investment. Many institutions have hesitated to allocate substantial capital to digital assets due to fears of security breaches⁴⁵. An estimated 77%⁴⁶ of family offices cite hacking and cybercrime as the number one obstacle to investing in digital assets. Even among existing digital asset investors, 40%⁴⁷ still cite security as a major concern and almost half (46%)⁴⁸are not satisfied with their providers’ commitment to security. The need for platform security accompanies that for compliance, with 80%⁴⁹ of digital asset funds and hedge funds only willing to invest with regulated third-party custodians. These statistics reflect the findings of the July 2024 Lionsoul Global survey, where 95% of respondents emphasized the necessity of secure custody solutions and advanced security measures, such as multi-signature wallets, insurance-backed storage, and institutional-grade authentication protocols.
Lionsoul prioritizes security at the technological, custodial, and regulatory levels - all aimed at maintaining the continuous safety of client funds. By implementing the most advanced cybersecurity measures, and partnering with world-class third-party providers, aims to lead the global growth in institutional digital asset investment.
Mt. Gox (2014): One of the earliest and most notable exchange hacks, Mt. Gox lost approximately 850,000 BTC (worth around $470M¹⁷ at the time) due to a security breach. The company was experiencing ongoing hacks and transaction malleability attacks, including the cybertheft of 25,000 BTC belonging to clients in 2011¹⁸. Mt Got filed for bankruptcy in February 2014, with clients recovering less than 200,000 BTC¹⁹ as of 2024. At its peak, the exchange processed 70%²⁰ of all bitcoin transactions worldwide.
Bitfinex (2016): In August 2016, hackers exploited a multisignature vulnerability²¹ in the Hong-Kong based exchange’s platform, stealing nearly 120,000 BTC of customer funds, worth around $72M. Approximately 80%²² of client funds were recovered by January 2025.
Coincheck (2018): Japanese exchange Coincheck suffered a $530M loss²³ when hackers infiltrated and stole NEM tokens. The stolen tokens were stored in a hot wallet, a part of the exchange connected to the internet, and the company blamed a lack of technical oversight²⁴ for the loss.
Binance (2019, 2022): Binance is a digital asset exchange with 245 million users²⁵ and over $20B²⁶ in daily trading volumes. The company experienced in May 2019 a phishing and malware attached which drained 7,000 BTC²⁷ (worth $40M) from customer accounts. A subsequent cyberattack²⁸ in October 2022 resulted in the theft of about two million BNB (Binance Coin) tokens, worth over $570M.
Poly Network (2021): A hacker exploited vulnerabilities in cross-chain smart contracts, siphoning over $600M²⁹ from Poly Network, an DeFi interoperability protocol to trade digital assets between blockchains. The bulk of the funds were subsequently recovered.
FTX (2022): Although not a hack in the traditional sense, FTX's mismanagement and lack of internal security controls led to an $8 billion shortfall³⁰ in customer funds and the company’s bankruptcy in October 2022. During the same month, over $500M³¹ in customer funds were removed by hackers from customer accounts. The company was engaged in unauthorised lending and misuse of customer funds for trading purposes, while suffering from a lack of internal controls and auditing procedures³². At the time of its bankruptcy, FTX was the third-largest digital currency exchange in the world, with an average daily trading volume of over $10B³³.
Bybit Hack (2025): In February 2025, a team of North Korean hackers stole approximately $1.5B in digital assets³⁴ from Dubai-based Bybit's Ethereum wallet, becoming the biggest cryptocurrency theft ever recorded.
