Hacken analysts say many crypto companies have been unable to meet even the baseline of cryptocurrency security standards, leaving billions exposed to insider threats and credential leaks.
In crypto, one quiet smart contract update can undo months of security work. Yet the industry still treats audits like a branding tool, according to analysts at blockchain forensic firm Hacken.
The audit “should not be treated as a checkbox or logo on the homepage,” Hacken CEO Dyma Budorin said in an exclusive interview with Crypto.News. In his view, too many projects rely on a static snapshot of their code and call it a day. But when that code changes, as it frequently does, the relevance of the audit can evaporate. “All audits will become obsolete the moment the contract changes,” he warned.
The issue is not only a lack of audits, but a lack of systems to monitor code after deployment. Hacken argues that without continuous verification and re-auditing, teams can settle for a false sense of security.
“A single feature that is often overlooked can open the door to disaster. The real issue is not just audit compensation, but audit relevance. All changes should be tracked, assumptions should be re-examined, and re-audits should be triggered if necessary.”
Dyma Budorin, CEO of Hacken
The team proposes a shift towards more standardized, automated checks. Techniques such as symbolic execution, fuzzing, and formal verification should be part of the launch checklist, not optional add-ons. They say projects shouldn’t go live without first passing a baseline set of automated tests.
But that’s not enough. Contract ecosystems change. Upgrades occur. And sometimes they don’t, even when they should. Hacken wants to see better controls on upgrades. Protocols should facilitate patching or deactivate legacy contracts if a risk is discovered. As the Hacken team pointed out, “Too often, patching is left to chance. What’s worse, to the mercy of hackers.”
Ultimately, the message is simple. If crypto wants to grow into an infrastructure layer (something foundational, not just speculative), it can’t neglect security.
Multisig is not enough
However, code is not always the issue. In some of the biggest crypto breaches, the first thing to break is off-chain. Consider Bybit, for example. The exchange lost nearly $1.5 billion after a multisig setup was compromised, not because of a code bug but because of what appears to have been weak operational security.
“Many crypto platforms remain vulnerable to similar threats, ignoring basic off-chain security principles, secure operational practices, and specific requirements outlined in cryptocurrency security standards.”
Dmytro Yasmanovych, Head of Compliance at Hacken
Yasmanovych said the team recommends that crypto companies urgently implement or strengthen a number of practical security controls in line with the CCSS. For example, this includes deploying multifactor authentication that uses secure hardware-backed methods, such as biometric solutions and physical tokens, across all critical off-chain operations to protect against credential-based attacks.
He also highlighted the need for a clear transaction approval policy with documented roles, approval thresholds, and procedures to prevent fraud. Additionally, Yasmanovych advised businesses to define and implement secure, encrypted communication channels for confidential operations such as transaction requests and approvals.
Liquidity dressed in innovation
But perhaps the most controversial insight from Hacken was reserved for Libra Token, a politically hyped memecoin that ended in a textbook rug pull. According to the Hacken team, insiders may have made off with more than $300 million by selling into market hype.
Libra Token claimed to introduce “intensive liquidity,” but Hacken’s CEO does not see it that way.
“To newcomers, they sound like they’re bolstering the market or adding value to their tokens, but in reality they were a sophisticated way of placing big sell orders at a certain price. When prices surge due to hype, those orders immediately send insiders out with a massive amount of profit.”
Dyma Budorin, CEO of Hacken
Hacken believes crypto can and should borrow some ideas from traditional finance to avoid this kind of thing. In a regulated market, insiders must disclose their major holdings and planned sales. Maybe crypto projects should start doing the same. Disclosure of tokenomics, vesting schedules, and team allocations must be the standard, not the exception.
And while full regulation remains a matter of discussion, Hacken suggests that the space needs at least a surveillance mechanism. Think of a third-party monitoring platform, public rating system, or watchdog that can flag strange token behavior or abnormal liquidity events before it’s too late. Until then, trust remains unstable, and every exit scam or stealth mint just drags crypto further from public legitimacy.