Securing digital assets as crypto crime surges
In February 2025, cyberattackers thought to be linked to North Korea executed a sophisticated supply chain attack on cryptocurrency exchange Bybit. By targeting its infrastructure and multi-signature security process, hackers managed to steal more than $1.5 billion worth of Ethereum in the largest known digital-asset theft to date.
The ripple effects were felt across the cryptocurrency market, with the price of Bitcoin dropping 20% from its record high in January. And the massive losses put 2025 on track to be the worst year in history for cryptocurrency theft.
Bitcoin, Ethereum, and stablecoins have established themselves as benchmark monetary vehicles, and, despite volatility, their values continue to rise. In October 2025, the value of cryptocurrency and other digital assets topped $4 trillion.
Yet, with this burgeoning value and liquidity comes more attention from cybercriminals and digital thieves. The Bybit attack demonstrates how focused sophisticated attackers are on finding ways to break the security measures that guard the crypto ecosystem, says Charles Guillemet, chief technology officer of Ledger, a provider of secure signer platforms.
”The attackers were very well organized, they have plenty of money, and they are spending a lot of time and resources trying to attack big stuff, because they can,” he says. “In terms of opportunity costs, it’s a big investment, but if at the end they earn $1.4 billion it makes sense to do this investment.”
But it also demonstrates how the crypto threat landscape has pitfalls not just for the unwary but for the tech savvy too. On the one hand, cybercriminals are using techniques like social engineering to target end users. On the other, they are increasingly looking for vulnerabilities to exploit at different points in the cryptocurrency infrastructure.
Historically, owners of digital assets have had to stand against these attackers alone. But now, cybersecurity firms and cryptocurrency-solution providers are offering new solutions, powered by in-depth threat research.
A treasure trove for attackers
One of the advantages of cryprocurrency is self custody. Users can save their private keys—the critical piece of alphanumeric code that proves ownership and grants full control over digital assets—into either a software or hardware wallet to safeguard it.
But users must put their faith in the security of the wallet technology, and, because the data is the asset, if the keys are lost or forgotten, the value too can be lost.
”If I hack your credit card, what is the issue? You will call your bank, and they will manage to revert the operations,” says Vincent Bouzon, head of the Donjon research team at Ledger. “The problem with crypto is, if something happens, it’s too late. So we must eliminate the possibility of vulnerabilities and give users security.”
Increasingly, attackers are focusing on digital assets known as stablecoins, a form of cryptocurrency that is pegged to the value of a hard asset, such as gold, or a fiat currency, like the US dollar.
Stablecoins rely on smart contracts—digital contracts stored on blockchain that use pre-set code to manage issuance, maintain value, and enforce rules—that can be vulnerable to different classes of attacks, often taking advantage of users’ credulity or lack of awareness about the threats. Post-theft countermeasures, such as freezing the transfer of coins and blacklisting of addresses, can lessen the risk with these kinds of attacks, however.
Understanding vulnerabilities
Software-based wallets, also known as “hot wallets,” which are applications or programs that run on a user’s computer, phone, or web browser, are often a weak link. While their connection to the internet makes them convenient for users, it also makes them more readily accessible to hackers too.
“If you are using a software wallet, by design it’s vulnerable because your keys are stored inside your computer or inside your phone. And unfortunately, a phone or a computer is not designed for security.” says Guillemet.
The rewards for exploiting this kind of vulnerability can be extensive. Hackers who stole credentials in a targeted attack on encrypted password manager application LastPass in 2022 managed to transfer millions worth of cryptocurrency away from victims in the subsequent two or more years.
Even hardware-based wallets, which often resemble USB drives or key fobs and are more secure than their software counterparts since they are completely offline, can have vulnerabilities that a diligent attacker might find and exploit.
Tactics include the use of side-channel attacks, for example, where a cycbercriminal observes a system’s physical side effects, like timing, power, or electromagnetic and acoustic emissions to gain information about the implementation of an algorithm.
Guillemet explains that cybersecurity providers building digital asset solutions, such as wallets, need to help minimize the burden on the users by building security features and providing education about enhancing defense.
For businesses to protect cryptocurrency, tokens, critical documents, or other digital assets, this could be a platform that allows multi-stakeholder custody and governance, supports software and hardware protections, and allows for visibility of assets and transactions through Web3 checks.
Developing proactive security measures
As the threat landscape evolves at breakneck speed, in-depth research conducted by attack labs like Ledger Donjon can help security firms keep pace. The team at Ledger Donjon are working to understand how to proactively secure the digital asset ecosystem and set global security standards.
Key projects include the team’s offensive security research, which uses ethical and white hat hackers to simulate attacks and uncover weaknesses in hardware wallets, cryptographic systems, and infrastructure.
In November 2022, the Donjon team discovered a vulnerability in Web3 wallet platform Trust Wallet, which had been acquired by Binance. They found that the seed-phrase generation was not random enough, allowing the team to compute all possible private keys and putting as much as $30 million stored in Trust Wallet accounts at risk, says Bouzon. “The entropy was not high enough, the entropy was only 4 billion. It was huge, but not enough,” he says.
To enhance overall safety there are three key principles that digital-asset protection platforms should apply, says Bouzon. First, security providers should create secure algorithms to generate the seed phrases for private keys and conduct in-depth security audits of the software. Second, users should use hardware wallets with a secure screen instead of software wallets. And finally, any smart contract transaction should include visibility into what is being signed to avoid blind signing attacks.
Ultimately, the responsibility for safeguarding these valuable assets lies on both digital asset solution providers and the users themselves. As the value of cryptocurrencies continues to grow so too will the threat landscape as hackers keep attempting to circumvent new security measures. While digital asset providers, security firms, and wallet solutions must work to build strong and simple protection to support the cryptocurrency ecosystems, users must also seek out the information and education they need to proactively protect themselves and their wallets.
Learn more about how to secure digital assets in the Ledger Academy.
This content was produced by Insights, the custom content arm of MIT Technology Review. It was not written by MIT Technology Review’s editorial staff.
This content was researched, designed, and written by human writers, editors, analysts, and illustrators. This includes the writing of surveys and collection of data for surveys. AI tools that may have been used were limited to secondary production processes that passed thorough human review.
