Bybit, the world’s second-largest cryptocurrency exchange by trading volume, has been writing a new page of central exchanges’ (CEX) security playbook in its battle against cyber attacks. Apart from the on-going fund recovery mission, Bybit has revealed a three-dimensional revamp of its safety guardrails: security audits, wallet fortifications, and infosec upgrade.
In February, Bybit was subjected to a sophisticated multi-stage attack which turned out to be the largest hack known to crypto. While the hack, caused by a compromised external multi-signature service, did not breach Bybit’s infrastructure or core security parameters, the exchange has taken extra steps to enhance its security setup and platform integrity. Approaching the challenges from three key aspects, Bybit proactively elevated its safety standards in the weeks that followed.
- Closing Gaps: Security Audits
While still recovering from the hack, Bybit immediately sought to conduct evaluations of its systems and processes simultaneously. Within a month of the hack, Bybit concluded nine security audits conducted by in-house specialists and independent external experts, and implemented over 50 new security measures and recommendations.
- Safer Cold Wallet Solutions
At the time of the incident, Bybit followed industry best practices in wallet safety. However, the event demonstrated the severity of the cyber security arms race as more powerful hacking groups entered the scene. Bybit has since adopted more stringent cold wallet solutions to minimize the attack surface to enhance procedural, algorithmic, and hardware safety. The three-dimensional framework includes a revamped authorizations OSP (Operational Safety Procedure) mandating full-journey supervision by security experts, increased wallet protection using the MPC (Multi-Party Computation) model, and consolidating HSM (Hardware Security Modules) to achieve hardware-level safety.
- All Encrypted: Bank-Grade InfoSec
As a leading player in the cryptocurrency space, Bybit has built in encryption by default. Bybit is ISO/IEC 27001 certified for its information security risk management, the highest standard in the sector adopted by major financial institutions. All communications are end-to-end encrypted including non-customer facing exchanges, with file systems optimized for encrypting data at rest.
“In security, we are only as strong as our weakest link. Bybit has doubled down on fortifying our platform and procedures in the past two months in response to an increasingly challenging security landscape,” said Ben Zhou, co-founder & CEO at Bybit. “We will continue to deliver secure, trust-worthy, and user-friendly trading solutions that live up to our customers’ expectations,” he said.
The immediate aftermath of crypto’s most drastic hacking incident was brief, as Bybit was able to stay fully operational while fulfilling a record number of withdrawals in the first 12 hours. The exchange absorbed the damages and customer assets were ring-fenced from the incident. A hunt for the stolen funds is on-going on Bybit-led open platform for illicit fund tracing, Lazarus Bounty, where over $2.3 million in bounty rewards has been distributed to date.
Bybit has also come forth with full transparency including fresh proof-of-reserves exercises, and regained its leading positions across benchmarks, achieving No. 1 in capital inflows among CEX in March. A recent report by Kaiko corroborated the 30-day recovery, demonstrating Bybit’s liquidity resilience. The long-term impact, however, will send ripples through the industry as CEX are compelled to think about their security and risk management and stay a step ahead of malicious actors.
