What Lessons We Can Learn from Bybit Hack?

[TomPluz]

Days ago, the whole cryptocurrency industry got shocked finding out that Bybit got hacked courtesy of the so-called Lazarus hackers directly linked to the rogue North Korean government to the tune of almost $1.5 billion dollar worth of Ethereum. The incident sent shockwaves to many coins including Bitcoin and Ethereum and as of this writing the fallouts can still be seen and there is no timeline when things will be back to where it was.

The hack is sending us the big message that nothing is anymore secured in this world as anything can have a weakness and can be exploited by people who have the expertise, technology and the genius to do so.

"...the largest security incident in crypto history to date. Unlike previous security breaches, this theft was not caused by issues with smart contract permissions, but rather by a malicious upgrade of the Safe multisig wallet used by Bybit. This attack was a meticulously planned operation targeting Bybit, with the attacker having deployed and tested the attack contract on-chain two days prior to launching the final assault. "

So what are the many lessons we can learn from this hack attack aside from the fact that we can never trust any CEX so we never make them as our wallets?

[milewilda]

There's no other lessons on here.

"Not your keys, not your coins"

We do know that this isnt the first time that these exchanges being hacked and this is why its never been that recommended on putting up all of your assets on an exchange
even if they would say that they would compensate on to those affected users. We've seen enough back in the past and you wont really be that confident on making them as your main wallet.
There's no such thing about perfectt security on this world on which there's always those loopholes and exploits and its better to be wary than to be sorry in the end.
Trade only into those amounts on which you are really that trying out to trade.

[Bobcrypto]

I think there should be lessons to learn, because every crypto hack is a security exposure to exchanges and it's users globally.
To actually take some lessons home from the Bybit hack, the remote cause of the incident has been learnt and the control measures discussed, and are documented for future lessons from other Cex exchanges and individuals who thought that cold wallets can't be hacked.
As a matter of facts, as cryptocurrency is evolving, so are the scammers/hackers upgrading their skills and apparatus used to defraud users, organizations, companies overtimes. I think that at this juncture, we have to be vigilant on using our wallets, watch for, at risk links, forbid clicking unknown links or sending wallet address unnecessarily.

[Baofeng]

It's obvious that we should put our crypto in a exchange, specially very big money.

For exchange, it's going to be a cat and mouse game, not just groups like the state sponsored Lazarus, but there are a lot of cyber criminals around the world and they are the main target.

So they should be like one step of the game and have someone really at the guard 24x7, technical people that are going to watch their wallets for unauthorized accessed.

[bitterguy28]

So what are the many lessons we can learn from this hack attack aside from the fact that we can never trust any CEX so we never make them as our wallets?

it is to not put all of your money in one exchange because even if you do not do anything in particular to put your funds in danger you never know what could happen to the exchange hence why it would be safe if you distributed your money across different storages

aside from this not much really because you as i said what happened with bybit is out of the users' control it is not like they intentionally given access to their funds

[hugeblack]

So what are the many lessons we can learn from this hack attack aside from the fact that we can never trust any CEX so we never make them as our wallets?

Buy more Bitcoin? It is an opportunity to buy Bitcoin for less than $90,000.

nothing can be learned. It is not the first time that a centralized service has been hacked, and it will not be the last.
If you have not already planned to withdraw coins from crypto exchanges, you will not do so because of such a hack.

[Alone055]

it is to not put all of your money in one exchange because even if you do not do anything in particular to put your funds in danger you never know what could happen to the exchange hence why it would be safe if you distributed your money across different storages

Even though the funds of users in this incident are safe, and they are compensated for them if some of them had their funds stolen, you are still right that one shouldn't keep funds that are idle in a centralized exchange because there is no point in doing that. If you know you have extra funds and they aren't being used for trading or anything, simply withdraw them and keep them in a wallet, it's better if the wallet is decentralized or non-custodial because withdrawing them from an exchange and keeping them in a custodial wallet wouldn't make it any different.

Many people don't do this because they say they might use those funds for trading or buying cryptocurrencies sometime in the future and they don't want to pay the fees for withdrawing and then depositing, so they prefer keeping them in the exchange they use, but that is not a good practice and in case the exchange gets hacked and it doesn't compensate its users, you money will be gone forever.

[ajiz138]

It is not the first time that a centralized service has been hacked, and it will not be the last.

That's an interesting point, "this is not the first time and it won't be the last". Yes, that's very true, because the risk is always there, and who would have thought before that bybit would experience such a hack.

The point is we have to be careful, there is no safe place, no one can be trusted, so we have to apply that principle. It can be something that makes us more alert to everything.

[Mr. Magkaisa]

         -     I think we have learned a long time ago from these hacking issues in the field of the cryptocurrency industry. This bybit is no different from previous
hacking issues in big exchanges.

The only difference is that Bybit was the biggest scandal issue in terms of the amount taken from them because it was around 1.4 billion$, now in terms of lessons,
I see that many are really careful ever since before there was a hacking issue with bybit.

[Rruchi man]

So what are the many lessons we can learn from this hack attack aside from the fact that we can never trust any CEX so we never make them as our wallets?

After listing out the many lessons to learn from the recent hack, the next question would be if people would truly learn these lessons because people are very quick to forget these experiences after a few weeks and then go back to making the same mistakes that exposed them to becoming victims of hacks like this.

[target]

One lesson is that there is never a secure exchange. Any exchange can be hacked and it doesn't even need to be Lazarus. What do we know about Lazarus anyway except from what the media is saying about them. I say the lesson to learn is that we'll never know what is to know.

But the exchange lost $1.4B. Do you think the company will should those loss?
Because even the biggest institutions wouldn't really be shouldering it but bybit is confident they have the money to cover. And at the same time they wanted to freeze Lazarus' wallet.

[bitmover]

There's no other lessons on here.

"Not your keys, not your coins"

This is true.

While bybit was able to recover from the losses and even allowed all withdrawals, the history could have been different.

Always keep your funds out of exchanges. Buy a hardware wallet and stay safe!

[Amug123]

Despite the negative event, the hacker has highlighted some strenth within  the crypto industry.  The incident has shed light on the importance of security measures. And I believe  Many exchanges have already started reviewing their system to prevent similar attacks in the future.

[Mia Chloe]

So what are the many lessons we can learn from this hack attack aside from the fact that we can never trust any CEX so we never make them as our wallets?

Basically in my opinion I think the biggest lesson to learn from the Bybit hack is actually the fact that no method of storing your coins is 100% safe. This is mainly because of the fact that every method has its flaws and disadvantages and it doesn't really matter if you store them offline or online they still exist.

The only difference is searching for a method with lower security risks just to ensure that your funds are safer though they are not 100 percent safe in theory because of flaws.

[Rubel007]

Even after being careful, a cryptocurrency exchange can be hacked at any time. There is nothing we can do as a user here, but what we can do for personal security is to keep the amount of assets we trade on that exchange platform. If there is excess fund, we can keep it in our own wallet. This way, even if an exchange is hacked, we don't have to lose everything. Exchange platforms are under the control of others, so it is safer to keep assets in the wallet that we control. Crypto exchange platforms can be hacked, but if someone is careful for their own security, it will be profitable for them.