Opinion by: Andrey Sergeenkov, researcher, analyst and author
Crypto founders love huge guarantees: decentralized finance, banking the unbanked and freedom from intermediaries. Then hacks occur. In some circumstances, billions vanish in a single day.
On Feb. 21, 2025, the North Korean Lazarus Group stole $1.46 billion from Bybit. They despatched phishing emails to employees with chilly pockets entry. After compromising these accounts, they accessed Bybit’s interface and changed the multisignature pockets contract with their malicious model. When Bybit tried a routine switch, the hackers redirected 499,000 Ether (ETH) to addresses they managed.
This wasn’t only a human error. This was a design failure. A system that enables human elements to allow a billion-dollar theft isn’t progressive — it’s irresponsible.
Individuals are not protected
In simply 10 days, the hackers transformed all 499,000 ETH into untraceable funds, utilizing THORChain as their major channel. The decentralized alternate processed a report $4.66 billion in swaps in every week however carried out no safeguards towards suspicious exercise.
The crypto trade has created a system that can’t shield customers even after they uncover a theft. Some providers truly profited from this crime, gathering thousands and thousands in charges whereas processing the laundering of stolen funds.
Current: SafeWallet releases Bybit hack post-mortem report
In February 2025, investigators ZachXBT and Tanuki42 revealed that Coinbase users lost over $300 million annually to social engineering assaults. Their report confirmed $65 million stolen by phishing and different social manipulation strategies in December 2024 and January 2025. In line with the investigators, Coinbase failed to handle recognized safety vulnerabilities of their API keys and verification programs that make these human-targeted assaults profitable.
ZachXBT straight criticized the alternate for having “ineffective buyer assist brokers” and failing to correctly report theft addresses to blockchain monitoring instruments, making stolen funds tougher to trace. One scammer even admitted to concentrating on rich customers, claiming they make no less than 5 figures every week.
These aren’t remoted circumstances. The US Federal Bureau of Investigation reported that abnormal crypto customers lost over $5.6 billion to fraud in 2023, and social engineering drove no less than half of those schemes. Individuals alone lose roughly $2 billion–$3 billion yearly to human vulnerability assaults. With over 600 million crypto customers worldwide, conservative estimates put particular person losses from social engineering at $6 billion–$15 billion in 2024.
Barrier to adoption
Safety considerations at the moment are recognized as the main barrier to adoption by 37% of crypto customers worldwide. In the meantime, the trade continues to promote high-risk speculative assets like memecoins, the place common customers usually lose cash whereas insiders revenue.
Whereas founders pitch monetary freedom, thousands and thousands of actual folks lose their financial savings by vulnerabilities the trade refuses to handle. They’re signs of a elementary drawback: Crypto builders select advertising over safety.
When disasters occur, and so they face strain about safety failures, crypto leaders disguise behind blockchain’s “code is regulation” precept and provide philosophical arguments about self-sovereignty and private duty. The crypto trade likes to blame abnormal customers: “Don’t retailer keys on-line,” “Verify addresses earlier than sending,” “By no means open suspicious information.”
No one is secure
Even trade leaders themselves fall sufferer to the identical fundamental assaults. In January 2024, Ripple co-founder Chris Larsen lost 283 million XRP (XRP) as a result of storing personal keys in an internet password supervisor. DeFiance Capital founder Arthur_0x lost $1.6 million in non-fungible tokens (NFTs) and cryptocurrency just by opening a phishing PDF file.
These folks aren’t naive newbies — they’re creators and specialists of the very system that would not shield even them. They know all the safety guidelines, however the human issue is inevitable. If even the system architects lose thousands and thousands, what probability do abnormal customers have?
Data of safety guidelines doesn’t present full safety as a result of fever, stress, sleep deprivation or emotional misery severely have an effect on our decision-making skills. Attackers repeatedly take a look at completely different approaches, ready for moments when customers develop into weak. They evolve their ways consistently, creating more and more convincing situations, impersonations and pressing conditions.
The unchangeable nature of blockchain transactions calls for extraordinary safeguards — not fewer. If customers can’t reverse errors or thefts, the system should forestall them within the first place. True innovation means constructing programs that work for actual people, not theoretically good customers. Banks realized this lesson over centuries. Crypto builders should study it quicker.
As a substitute, trade leaders appear to have misplaced contact with actuality because of the excessive wealth dumped on them rapidly. They’ve purchased into their PR narrative, portraying them as geniuses, and began viewing themselves as visionaries.
A name to motion
Vitalik Buterin lectures his audience on voting in elections and polishes his manifesto, whereas Justin Solar spends $6.2 million on a banana for a “distinctive creative expertise” — all whereas constructing an surroundings that makes harmful errors straightforward to make. This strategy is basically dishonest. You possibly can’t declare to revolutionize finance whereas offering much less safety than the programs you’re changing.
What technical brilliance exists in programs that allow billion-dollar thefts and systematic fraud of abnormal customers with such ease? As a core perform, true technical excellence would come with defending customers from everlasting monetary loss. A monetary system that can’t safe its customers’ belongings is just not technically superior — it’s basically incomplete.
It’s time to cease writing manifestos and selling questionable PR stunts designed to draw a broader and extra weak viewers. Begin constructing real protections that match the extent of threat your customers face. No quantity of blockchain innovation issues if abnormal folks can not use these programs with out concern of instantaneous, everlasting monetary loss.
Something much less is simply reckless experimentation at customers’ expense disguised as a revolution — a scheme that enriches founders and insiders whereas abnormal folks bear all of the dangers.
If the trade doesn’t resolve this drawback, regulators will — and also you received’t like their options. Your philosophical arguments about self-sovereignty received’t matter when licenses are revoked and operations shut down.
That is the selection crypto builders face: Both create actually safe programs that justify your claims about monetary innovation or watch as regulators rework your “revolutionary know-how” into one other closely regulated monetary service. The clock is ticking.
Opinion by: Andrey Sergeenkov, researcher, analyst and author.
This text is for normal data functions and isn’t meant to be and shouldn’t be taken as authorized or funding recommendation. The views, ideas, and opinions expressed listed here are the writer’s alone and don’t essentially replicate or characterize the views and opinions of Cointelegraph.
