Heaptalk, Jakarta — In February 2025, the most significant cryptocurrency theft in history was recorded. The attackers stole approximately $1.5 billion from Bybit, the second-largest cryptocurrency exchange in the world, based in Dubai. This case has raised concerns about crypto security.
The FBI officially identified a North Korean group codenamed ‘TraderTraitor’ as the culprit. This group is known as Lazarus, APT38, or BlueNoroff within the information security community. Their hallmark involves relentless, sophisticated, and ongoing attacks in the crypto asset space: hacking wallet developers, robbing exchanges, stealing from regular users, and even creating fake games.
Kaspersky revealed some tips for securely storing crypto assets, including purchasing a hardware wallet with a screen, which is considered the most effective way to protect crypto assets. Asset owners must first research the vendor to ensure a good reputation. Purchases should be made directly, avoiding second-hand wallets or marketplace buys.
Avoiding putting all crypto assets in one place
Storing the wallet’s seed phrase electronically, including using computer files or photos in galleries, is not recommended. Modern Trojans have learned to infiltrate Google Play and App Store and can recognize data in photos stored on your smartphone. Only paper notes or metal engravings stored in a safe or other physically secure place, protected from unauthorized access and natural disasters, are practical.
Avoid putting all your ‘crypto eggs’ in one basket like other assets. For holders of large or diverse types of crypto assets, it makes sense to use multiple wallets. Small amounts for transaction needs can be kept on exchanges, while the majority can be split among several hardware crypto wallets.
Owners should use a dedicated computer for crypto transactions if possible. However, if that is not feasible, maintain strict digital hygiene on your primary computer. Create separate accounts with low privileges (non-administrator) for crypto operations and use another account—also non-administrator—for work, chatting, and gaming.
Installing robust security tools
Crypto asset owners should exercise caution when choosing crypto wallet software. Carefully review software descriptions, ensure the app has been available in the market for a long time, and check if the source is from an official website and if its digital signature matches the vendor’s website and name. Conduct a deep scan of your computer with the latest security tools before installing and running crypto wallet software. Owners are advised to install robust security tools on both computers and smartphones.
Additionally, owners should be cautious about updates in crypto applications. After releasing a new version, wait about a week and read reviews before installing it. This gives the community time to identify any bugs or Trojans that might have infiltrated the update.
Lastly, phishing is a significant concern for crypto asset owners. Cryptocurrency fraud can be multifaceted and sophisticated, so unexpected messages via email, messenger apps, and similar platforms should be regarded as potential initial attempts at fraud.
