
Bybit’s $1.5 billion theft spotlights centralized custody flaws and accelerates adoption of dual wallets


The $1.5 billion theft from Bybit in February 2025 exposed weak points in centralized custody, with reports attributing the breach to North Korean actors. Exchanges, custodians, and institutional managers are being pressed to adopt stronger security structures. Elliptic links more than $6 billion in losses since 2017 to North Korean crews, underscoring the urgency for systemic safeguards.

A dual-wallet setup keeps day-to-day funds in hot wallets and long-term reserves in cold wallets, placing each behind cryptographic locks and AI surveillance. If one wallet is compromised, the remaining assets stay isolated. This helps limit the blast radius and preserve continuity, while monitoring creates an evidence trail.

Multisig adds a second barrier by splitting signing authority, with a 3-of-6 rule requiring any three of six key holders to approve before coins can move. The combination of dual wallets, multisig, and live AI monitoring serves as both a shield and audit-ready proof, making unauthorized transfers harder to carry out and easier to investigate.
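The hot/cold split and the 3-of-6 rule described above, sketched as an authorization check. This is an added example, not code from the article or from any exchange. HMAC over constructed secrets stands in for real per-holder signatures, and the holder names, addresses and hot-wallet limit are assumptions.

```python
import hashlib
import hmac
import json

THRESHOLD = 3          # the 3-of-6 rule from the article
HOT_WALLET_LIMIT = 50  # constructed cap on what a hot wallet may send

# Constructed secrets for six key holders (assumption: HMAC replaces real signatures).
SIGNER_KEYS = {f"holder{i}": f"constructed-secret-{i}".encode() for i in range(1, 7)}

def tx_digest(tx):
    """Canonical digest of the exact transfer being approved."""
    return hashlib.sha256(json.dumps(tx, sort_keys=True).encode()).digest()

def approve(holder, tx):
    """One holder's approval, bound to this transaction's digest."""
    return hmac.new(SIGNER_KEYS[holder], tx_digest(tx), hashlib.sha256).hexdigest()

def valid_approvers(tx, approvals):
    """Distinct known holders whose approval matches this exact transaction."""
    digest = tx_digest(tx)
    ok = set()
    for holder, sig in approvals:
        key = SIGNER_KEYS.get(holder)
        if key is None:
            continue  # approval from someone outside the six key holders
        expected = hmac.new(key, digest, hashlib.sha256).hexdigest()
        if hmac.compare_digest(expected, sig):
            ok.add(holder)  # a set: one holder approving twice counts once
    return ok

def authorize(tx, approvals):
    """Hot wallet: small sends only. Cold wallet: THRESHOLD distinct approvals."""
    if tx["wallet"] == "hot":
        return tx["amount"] <= HOT_WALLET_LIMIT
    return len(valid_approvers(tx, approvals)) >= THRESHOLD

if __name__ == "__main__":
    tx = {"wallet": "cold", "to": "addr-constructed-1", "amount": 1000}
    sigs = [(h, approve(h, tx)) for h in ("holder1", "holder2", "holder3")]
    print("three holders, same tx:", authorize(tx, sigs))
    # Approvals collected for one destination do not carry over to another.
    print("destination altered:", authorize(dict(tx, to="addr-constructed-2"), sigs))
    print("one holder three times:", authorize(tx, sigs[:1] * 3))
```

Because every approval covers the digest of the full transfer, changing any field after the holders have signed invalidates all of their approvals.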

Operational impact and evolving threats in Bybit

Day-to-day work changes as ledgers grow clearer and the chance of total loss drops, but staff must safeguard more keys and run tighter KYC/AML checks. AI scans transaction flows, flags anomalous sends, tracks phishing waves, and watches code repositories for implants, raising early alerts without removing human oversight.

Attackers still rely on fake hiring posts and backdoored build tools, with groups like Lazarus and BeaverTail hiding in poisoned dev pipelines. Multiple human reviews now slow large transfers, a tradeoff institutions accept when regulators demand proof of control, while models catch early hints of the same tricks that previously slipped through.

The short lesson is clear: split wallets, require several signatures, and let AI watch the flow. Analysts say these steps would have flagged the odd approvals that let the Bybit heist proceed, and the next target is to bake the same checks into every audit and custody policy governing exchanges and institutional vaults.
