Safe CEO Says Bybit Hack Exposed Fragmented Self-Custody Security

In February, the cryptocurrency ecosystem stood on the precipice of calamity. Hackers stole $1.5 billion of Ether from crypto trade Bybit, the biggest theft the {industry} had ever seen.

Fears of a contagion-driven market collapse have been alleviated by an industry-wide effort to plug the hole at Bybit, and inside hours, the trade regained management of the scenario.

The autopsy revealed that Bybit’s routine switch of Ether (ETH) between wallets had been captured by hackers. The attackers, believed to be North Korean Lazarus Group, compromised a SafeWallet developer machine, injecting malicious JavaScript into the person interface, which tricked Bybit’s multisignature course of into approving a malicious good contract.

9 months in the past, Bybit suffered the largest-ever crypto heist, as hackers stole ~$1.5 billion in Ethereum (~401,000 ETH) throughout a routine ETH switch.

Since then, the crew @safe has fully overhauled its infrastructure and programs. Safe CEO @rahulrumalla spoke candidly about… pic.twitter.com/fOYVOdF7ca

— Gareth Jenkinson (@gazza_jenks) November 6, 2025

The incident was a wake-up name for the cryptocurrency {industry}, on condition that many exchanges and corporations depend on the infrastructure and companies of gamers like Safe. Although Safe is a self-custodial pockets service, the incident proved that refined social engineering or compromised bodily {hardware} stays a risk to the complete {industry}.

Safe CEO Rahul Rumalla joined Cointelegraph’s Chain Response dwell present to mirror on the learnings and systemic adjustments necessitated by the Bybit incident and the ever-present, ever-changing threats from cybercriminals.

Associated: SafeWallet releases Bybit hack post-mortem report

Self-custody is fragmented

As Rumalla defined, a Safe developer workstation had been compromised, which set an entry level for hackers to stage an assault that might manipulate the web site code. 

The Safe CEO mentioned that the scenario “was a reckoning second” that pressured the crew to reorganize its safety and infrastructure. It additionally drew consideration to industry-standard practices that will not be totally appropriate for the aim.

“Lots of people truly are subjected to the idea of blind signing. You actually don’t know what you’re signing, be it your signing machine or your {hardware} gadgets. And that begins with training, that begins with consciousness, that begins with requirements,” Rumalla mentioned.

“Finally, on the earth of self-custody, the precise elementary design of that is shared accountability of safety. It’s fragmented. And that is what we began re-architecting.”

Rumalla added that whereas Safe had confronted vital scrutiny within the wake of the Bybit theft, its core purchasers have been supportive and keenly conscious of the core assault vectors that led to the incident. 

Associated: Timeline: How Bybit’s lost Ethereum went through North Korea’s washing machine

His crew then set to work breaking down the layers of structure that make up Safe’s safety infrastructure. 

“We broke it down by transaction stage safety, signer machine stage safety, infrastructure stage safety, but in addition requirements and compliance, and auditability. All of them must work collectively indirectly,” Rumalla mentioned.

The evolving risk from hackers 

Lazarus Group hackers have been probably the most prolific risk to the cryptocurrency ecosystem lately. Mainstream media forecasts the North Korean hacking group to bag over $2 billion in stolen cryptocurrency in 2025.

Rumalla mentioned that the largest problem is the facet of social engineering that hacking teams are utilizing to infiltrate main firms within the {industry}.

“These attackers are in Telegram channels. They’re in our firm intro chats, they’re in your DAO’s posting for grants. They’re making use of for jobs as IT employees. They benefit from the human ingredient.”

This additionally offered a silver lining for Rumalla and his crew. Taking solace from the truth that their code and protocol weren’t at fault, the CEO mentioned there’s an earnest effort to stability safety and usefulness.

“The good accounts, the core protocol, that was tremendous battle examined, which actually gave us the boldness to raise this on the layers above as properly.”

Rumalla added that self-custody know-how traditionally concerned a compromise between comfort and safety. Nonetheless, a mindset change is required to make sure steady evolution in services that make it straightforward and safe for folks to take self-custodial management of their belongings.

Journal: North Korea crypto hackers tap ChatGPT, Malaysia road money siphoned: Asia Express