Opinion: Orest Gavryliak, Chief Legal Officer, 1inch Labs
A February Bibit violation destroyed the record of the biggest hack in cryptography history. Over $1.4 billion has been stolen by North Korean cybercriminals in an instant, and bold robbers have made headlines around the world.
As reported by TRM Labs, $2.1 billion worth of codes were lost in the attacks in the first half of 2025. That’s an exorbitant amount, but the hacking seems to continue.
Although extreme caution was given to these brave thefts, there was not sufficient scrutiny about how these hackers wash their codeholders. Intensive Exchange (CEXS) and Defi protocols have lessons to learn from these devastating events for a variety of reasons.
CEXS needs to make changes
For trading platforms that rely on millions of users around the world, major changes need to be made in the way transactions are signed. Depending on the user interface, the overview is no longer sufficient. Instead, it is important to manually decode the call data. Only then can the executive be sure that funds from the cold wallet will reach the intended destination.
Other cutting-edge solutions include “intelligent co-signers” who validate transactions and signatures. This ensures that suspicious requests will be automatically rejected, even if all necessary approvals are present.
Transactions, coupled with real-time threat intelligence that flags high-risk call data, can now be simulated before signing. The private key split into multiple pieces and shifting in concert to multiparty calculations that are not fully assembled proves to be an attractive alternative to smart contracts.
In a recent crypto hack, the interface was manipulated. The bad actor mistakenly deceived executives to allow malicious deals. Over 80% of the cryptography stolen in 75 hacks so far this year have been filmed in so-called infrastructure exploits.
It is clear that patterns are beginning to form, and it is unacceptable that CEXS will not adapt in response to this established threat.
defi should ignore hackers
The first step is to use robust protective measures with closed attack vectors to make it prohibitively difficult for hackers to treat interactions like their own personal piggy banks. The next step in the hacker’s journey also needs to make important improvements when trying to move illegal funds through decentralized platforms.
The frustration of Bibit CEO Ben Zhou was evident in February when he was trying to freeze the vast amount of ETH swiped from the platform. Blockchain analysis showed that hundreds of transactions spread funds to many wallets. When Shifts fired a podcast, he explained that he was trying to contact the platform where the code was moved, but by the time he received the response, the funds had been moved somewhere else.
This is why the Defi protocol needs to step up efforts to prevent hackers from using their infrastructure. A blend of risk intelligence, transaction monitoring, wallet screening and risk management software can all play their part here without compromising on decentralization.
Related: Crypto-seedphrase, front-end hack drives record losses in 2025: TRM Lab
Some solutions use real-time intelligence, 24/7, while others incorporate human-based intelligence and respond quickly to incidents as they deploy. When paired with an advanced multitasking risk management dashboard tailored to DEFI, the technology can screen for interactions and transactions against blocked addresses, assign wallets to monitoring zones, and apply real-time risk scoring to addresses.
This layered approach allows for malicious activity to be detected within seconds, security teams interpret behavioral anomalies, work with external intelligence providers, and take action quickly in complex or ambiguous situations where human judgment is essential. Suspicious wallets and IP connections can be blocked before funds are lost.
There is no problem with the sound competition between exchanges and debt protocols. Customers deserve a choice. However, hacks against one platform must be treated like an attack on all of them.
Close collaboration is more than just an exercise in good PR. It’s an opportunity to form a united front against thieves who risk the future of this industry. All hacks shun consumer trust and if they are happening, regulators may have no choice but to impose restrictions that also fines law-abiding crypto users and developers.
Self-regulation is the future
By design, the Defi protocol is open to all users and does not supervise, manage, or “police” like a centralized alternative. A non-mandatory approach means that Defi developers cannot freeze illegal funds passing through the platform. Lawmakers may not fully appreciate how the Defi platform works. As a result, developers are often charged with the activities of others, even if they are not personally liable for these transactions.
Modern crypto hacks should act as wake-up calls. Responsible Defi developers need to come together to create sound governance and security models to keep up with technological advances. Careful protocol design, layered defense systems, and ongoing security reviews can make crypto hacks worthless for opportunistic burglars anymore.
The deeper truth is clear. If the code fails to self-regulate, it could be one of the most persuasive rebuttals to the free market itself.
Despite its flaws, traditional finance (TRADFI) works under clear enforcement rules created by regulators. This is a form of central planning that acts as a buffer against systematic risk and crime. In contrast, defi takes pride in embracing the elimination of intermediaries and the dynamics of pure markets. Ongoing events indicate that absolute freedom may not be sustainable without even a thin layer of coordination or protection.
Perhaps the ideal is 85%, not the 100% free market, with the remaining 15% serving as a programmable rules layer designed to maintain security, prevent abuse and promote trust. Rather than replicating Tradfi’s bureaucracy, implementing automated, less transparent, invasive standards for anti-money laundering, fraud detection, risk attribution, and more.
Think of it as a protocol-level guardrail, not a top-down control. A smart modular layer that allows Defi to maintain accountability while maintaining openness. These could be community-driven open source standards that are embedded directly into protocols, distributed applications, and interfaces. This is a collective effort to reduce systematic threats without compromising decentralization.
Defi doesn’t have to mature by mimicking cordfi, but unresponsible freedom can cause confusion. The goal is not to limit innovation, but to implement future control through shared standards, ethical design and resilience.
Yes, it will take some time. Yes, you need to invest. And yes, it requires experimentation and some false start. However, in the long term, dividends are huge.
Opinion: Orest Gavryliak, Chief Legal Officer, 1inch Labs.
This article is for general informational purposes and is not intended to be considered legal or investment advice, and should not be done. The views, thoughts and opinions expressed here are the authors alone and do not necessarily reflect or express Cointregraph’s views and opinions.
