Digital Asset Security: Unpacking Hacks & Risks

Learning from the Past: BitGo’s Blueprint for Digital Asset Security

Digital money enables seamless value transfer across the internet with minimal friction—just a few clicks away. However, the ability to move money quickly also introduces significant risks. Bad actors continuously seek vulnerabilities, exploiting weak security measures to steal funds and disrupt the ecosystem.

Our analysis reveals the root causes behind these incidents demonstrating how BitGo’s institutional-grade security solutions could have effectively prevented them—providing the protection needed in an evolving digital economy.

The State of Digital Asset Security

Key Statistics:

• $2.2B was stolen in crypto-related hacks in 2024, up 21% from the previous year. According to a report from Chainalysis.

• Approximately 15% of breaches involved compromised credentials over the past year.

• Significant Losses attributed to hot wallets: Hot wallets are a top target for cybercriminals due to their constant internet connectivity, making them more susceptible to successful attacks than cold storage solutions.

Case Studies of Crypto Breaches

Below, we want to guide you through some of the most impactful breaches, examining the security gaps exposed. These case studies provide valuable insights into the risks facing the industry and the steps that can be taken to prevent similar incidents in the future.

2023: The Poloniex Exchange Hack: Approximately $125 Million Lost

• Incident: In November 2023, Poloniex, a cryptocurrency exchange, suffered a breach when attackers drained its hot wallet, resulting in an estimated loss of around $125 million.

• Root Cause: Compromise of private keys associated with the exchange's hot wallets connected to the internet.

How BitGo protects and prevents these types of attacks and losses:

BitGo's advanced multi-signature technology and emphasis on cold storage solutions significantly reduce the risks associated with hot wallets. BitGo's security architecture ensures that private keys are distributed and stored offline, making unauthorized access exceedingly difficult.

2024: WazirX Exchange Hack: Approximately $235 Million Stolen

• Incident: In July 2024, WazirX, an India-based cryptocurrency exchange, was hacked, leading to the loss of approximately $234.9 million in investor funds.

• Root Cause: The attackers exploited vulnerabilities in WazirX's multi-signature wallet system, gaining unauthorized access and transferring funds to their addresses.

How BitGo Could Have Prevented This:

BitGo's robust access control policies, including multi-user approvals and policy-driven transaction processes, provide an additional layer of security that could have prevented unauthorized access.

2025: ByBit Exchange Hack: Approximately $1.5 Billion Stolen

• Incident: Bybit suffered the largest hack in history with approximately $1.5 billion stolen by the Lazarus Group. 

• Root Cause: The attack was executed by North Korea's Lazarus Group and involved malware, deploying a malicious script on a 3rd party wallet site, combined with a “delegatecall” exploit to take over Bybit's cold wallet and blind signing.

How BitGo Could Have Prevented This:

BitGo’s security model is comprehensive and robust, taking a defense-in-depth & breadth, multi-layered tiered approach. This is significantly and fundamentally more secure and remediates the known attack vectors that led to Bybit’s $1.46 billion hack. BitGo custody multi-sig wallets do not have the “delegatecall” capability. 

Lessons Learned

These hacks will continue because service providers often value speed over security, but with liquid assets, that is not a compromise you have to make with BitGo. 

The Cost of Inadequate Security:

• Financial Loss: Hacks lead to immediate and often irrecoverable losses.

• Reputational Damage: Irreparable damage to an institution’s credibility.

• Regulatory Scrutiny: This can lead to a business shutdown, large fines, and government-controlled oversight.

Why Institutions Need BitGo

• Track Record: BitGo has maintained a perfect record, with ZERO breaches.

• Insurance: $250 million in insurance coverage

• Regulated Custodian: BitGo is a globally regulated qualified custodian, ensuring the highest standards of security and trust.

By choosing BitGo, institutions can safeguard their digital assets against security threats, ensuring operational continuity and client trust. BitGo empowers institutions to navigate the digital asset space confidently, minimizing risk while maximizing security and reliability.

Secure your Digital Assets

• Multi-Signature Technology: Removes single points of failure and enforces shared responsibility.

• Cold Storage Expertise: Our offline-signing approach and physically secure process minimize exposure to online threats.

• Policy-Driven Access Controls: Enforce granular permissions to reduce the risk of insider threats and unauthorized access.

The BitGo Advantage:

• Flawless Track Record: Zero breaches in over a decade.

• Customizable Security Solutions: Tailored to meet the unique needs of each client.

• Unparalleled Expertise: Trusted by leading exchanges, funds, and enterprises globally.

Securing Your Digital Future: Why BitGo is The Best Defense

Cybercriminals are relentless, and digital assets remain highly vulnerable without proactive defenses.

BitGo offers the institutional-grade security needed to protect against these evolving threats. With a flawless track record, comprehensive insurance coverage, and compliance with the highest regulatory standards, BitGo provides a secure and trusted custody solution. If you do not take the proper security precautions, it only takes one mistake to compromise your funds. BitGo is here to make such a mistake nearly impossible. 

Protect your assets before the next attack happens. 

Connect with us today to learn how BitGo can safeguard your digital assets with cutting-edge security and risk mitigation strategies.