Opinion by: Orest Gavryliak, chief legal officer, 1inch Labs
The Bybit breach in February smashed the record for the biggest hack in crypto history. More than $1.4 billion was stolen by North Korean cybercriminals in the blink of an eye, with the audacious heist making headline news around the world.
Now, as TRM Labs reports, $2.1 billion worth of crypto has been lost to attacks in the first half of 2025. That’s an exorbitant amount of money, and yet, the hacks seem set to continue.
While close attention was paid to these brazen thefts, there hasn’t been enough scrutiny of how these hackers managed to launder the crypto holdings. Centralized exchanges (CEXs) and DeFi protocols have lessons to learn from these devastating incidents — for different reasons.
CEXs must make changes
For the trading platforms relied on by millions of users worldwide, significant changes must be made to how transactions are signed. Depending on a user interface summary is no longer good enough; instead, it’s crucial to manually decode call data. Only then can executives be confident that funds moving from a cold wallet will reach their intended destination.
Other cutting-edge solutions include “intelligent co-signers” who validate the transaction and the signatures. This ensures suspicious requests are automatically rejected, even if all required approvals are present.
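To make the two ideas above concrete, here is an added example (not from the article or from any exchange's code) that decodes ERC-20 call data by hand and applies a co-signer check against what the signing interface displayed. The function names, the allowlist policy and all addresses are assumptions constructed for illustration; only the two selectors are the standard ERC-20 values.

```python
# Added example, not from the article. Selectors are the standard ERC-20 ones;
# all addresses and amounts below are constructed sample values.
SELECTORS = {"a9059cbb": "transfer", "095ea7b3": "approve"}  # f(address,uint256)

def decode_calldata(calldata_hex):
    """Decode ERC-20 transfer/approve call data into (function, address, amount)."""
    body = calldata_hex[2:] if calldata_hex.startswith("0x") else calldata_hex
    raw = bytes.fromhex(body)  # raises ValueError on malformed hex
    if len(raw) != 4 + 32 + 32:
        raise ValueError(f"unexpected call data length: {len(raw)} bytes")
    name = SELECTORS.get(raw[:4].hex())
    if name is None:
        raise ValueError(f"unknown selector 0x{raw[:4].hex()}")
    addr_word, amount_word = raw[4:36], raw[36:68]
    if any(addr_word[:12]):  # an address occupies only the low 20 bytes
        raise ValueError("address word has non-zero padding")
    return name, "0x" + addr_word[12:].hex(), int.from_bytes(amount_word, "big")

def cosigner_review(ui_summary, calldata_hex, allowlist):
    """Hypothetical co-signer policy: approve only if the decoded call data
    matches what the signers were shown and the destination is allowlisted."""
    try:
        name, to, amount = decode_calldata(calldata_hex)
    except ValueError as exc:
        return False, [str(exc)]  # undecodable data is rejected, never waved through
    reasons = []
    if name != ui_summary["function"]:
        reasons.append(f"function is {name}, UI showed {ui_summary['function']}")
    if to != ui_summary["to"].lower():
        reasons.append(f"destination is {to}, UI showed {ui_summary['to']}")
    if amount != ui_summary["amount"]:
        reasons.append(f"amount is {amount}, UI showed {ui_summary['amount']}")
    if to not in allowlist:
        reasons.append(f"destination {to} is not on the allowlist")
    return not reasons, reasons

def build_sample(selector, to, amount):
    """Build constructed sample call data for the demonstration."""
    return "0x" + selector + to[2:].rjust(64, "0") + format(amount, "064x")

EXPECTED, UNEXPECTED = "0x" + "11" * 20, "0x" + "ee" * 20  # constructed addresses
UI = {"function": "transfer", "to": EXPECTED, "amount": 5_000}
ALLOWLIST = {EXPECTED}

if __name__ == "__main__":
    for dest in (EXPECTED, UNEXPECTED):
        print(cosigner_review(UI, build_sample("a9059cbb", dest, 5_000), ALLOWLIST))
```

The review runs on the bytes that will actually be signed, so a summary that shows the expected destination while the call data carries a different one is rejected regardless of how many human approvals are attached.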
Transactions can now be simulated before signatures take place, coupled with real-time threat intelligence that flags high-risk call data. Making a concerted shift to multi-party computation — where private keys are split into multiple shards and never fully assembled — can prove to be a compelling alternative to smart contracts.
In recent crypto hacks, interfaces were manipulated. Bad actors deceived executives into accidentally authorizing malicious transactions. Over 80% of crypto stolen across 75 hacks so far this year was taken in so-called infrastructure exploits, which, on average, made off with 10 times more than other attack types.
It’s clear that a pattern is beginning to form, and it’s unacceptable for CEXs not to adapt in response to this established threat.
DeFi must defy hackers
The first step is to make it prohibitively difficult for hackers to treat exchanges like their own personal piggy bank, with robust safeguards that close off attack vectors. In the next step of the hackers’ journey, when they attempt to move illicit funds through decentralized platforms, essential improvements also need to be made.
Bybit CEO Ben Zhou’s frustration was palpable when he was attempting to freeze the vast amounts of ETH swiped from his platform in February. Blockchain analytics showed that the funds were being spread across many wallets in hundreds of transactions — splitting the $1.4 billion into countless little shards. On the When Shift Happens podcast, he described attempting to contact the platforms where the crypto had been moved, but by the time he received a response, the funds had been transferred to somewhere else.
This is why DeFi protocols need to ramp up efforts to prevent hackers from taking advantage of their infrastructure. A blend of risk intelligence, transaction monitoring, wallet screening and risk management software can all play a role here — without compromising on decentralization.
Some solutions use 24/7 real-time intelligence, while others also incorporate human-based intelligence to rapidly respond to incidents as they unfold. When paired with an advanced, multitasking risk management dashboard tailored for DeFi, this technology can screen interactions and transactions against blocked addresses, assign wallets to monitoring zones, and apply real-time risk scoring for addresses.
This layered approach allows for detecting malicious activity within seconds, empowering security teams to interpret behavioral anomalies, collaborate with external intelligence providers, and take swift action in complex or ambiguous situations where human judgment is essential. Suspicious wallets and IP connections can be blocked before funds are lost.
There’s nothing wrong with healthy competition between exchanges and DeFi protocols. Customers deserve choice. A hack against one platform must, however, be treated like an attack against them all.
Close collaboration isn’t just an exercise in good PR; it’s an opportunity to form a united front against thieves who jeopardize this industry’s future. Every hack dents consumer confidence, and if they keep happening, regulators may be left with no choice but to impose restrictions that also penalize law-abiding crypto users and developers.
Self-regulation is the future
By design, DeFi protocols are open to all users and don’t oversee, manage or “police” like a centralized alternative would. A non-custodial approach means DeFi developers cannot freeze illicit funds going through their platform. Lawmakers may not fully appreciate how DeFi platforms work, and as a result, developers are often blamed for other people’s activity, even though they weren’t personally responsible for these transactions.
Recent crypto hacks need to serve as a wake-up call. Responsible DeFi developers must rally together to create sound governance and security models that keep up with technological advancements. Careful protocol design, layered defense systems and continual security reviews have the potential to make crypto hacks no longer worthwhile for opportunistic thieves.
The more profound truth is clear. If crypto fails to self-regulate, it could become one of the most compelling counterarguments against the free market itself.
Despite its flaws, traditional finance (TradFi) operates under a clear set of enforced rules created by regulators — a form of central planning that acts as a buffer against systemic risk and crime. DeFi, in contrast, prides itself on eliminating intermediaries and embracing pure market dynamics. Ongoing events show that absolute freedom may not be sustainable without even a thin layer of coordination or safeguards.
Perhaps the ideal is not a 100% free market but an 85% one, where the remaining 15% serves as a programmable rule layer designed to uphold security, prevent abuse and foster trust. Not to replicate TradFi’s bureaucracy but to implement automated, transparent and minimally invasive standards for things like Anti-Money Laundering, fraud detection and risk attribution.
Think of it not as top-down control but as protocol-level guardrails: smart, modular layers that allow DeFi to preserve openness while ensuring accountability. These could be community-driven, open-source standards embedded directly into protocols, decentralized applications and interfaces — a collective effort to reduce systemic threats without compromising decentralization.
DeFi doesn’t need to mimic TradFi to mature, but freedom without responsibility may invite chaos. The goal isn’t to restrict innovation but to future-proof it through shared standards, ethical design and resilience.
Yes, it will take time. Yes, it will take investment. And yes, it will require experimentation and a few false starts. But in the long run, the dividends will be enormous.
This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts, and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.