Cryptocurrency exchanges face over $1.5B in losses from hacks, prompting calls for better bug bounty rewards.

From Cointelegraph

March 3, 2025 09:07 AM:

Cryptocurrency losses from security breaches exceed $1.5 billion, prompting calls for exchanges to enhance their bug bounty programs. The Bybit hack alone accounted for over $1.4 billion in losses, with other exploits totaling $126 million, including a $49 million Infini hack. Ethical hackers stress the need for better rewards to prevent similar incidents.

A bug that was out of scope for the bounty program led to the $1.4 billion Bybit hack, as the program did not reward bugs related to front-end and back-end issues. A security professional emphasized the importance of offering higher rewards to ethical hackers to avoid future breaches. Bybit's bug bounty program currently offers up to $10,000 on HackerOne.

Experts recommend adopting stricter security measures to prevent future exploits like the Bybit hack. Air-gapped signing devices, non-persistent OS environments, and enhanced authentication layers for transactions are suggested industry standards. Red-team exercises and phishing simulations can also help mitigate social engineering risks, according to CertiK.

CertiK's report highlighted that the Bybit exploit resulted from a phishing attack, while the Infini hack involved an admin private key leak. Both incidents underscore the importance of stronger authentication and real-time transaction monitoring to prevent manipulation. The need for more resilient UI security was also emphasized.

Read more at Cointelegraph: $1.5B crypto hack losses expose bug bounty flaws