As crypto adoption grows and project-building on Web3 becomes more widespread, blockchain security has become a central pillar for users and developers.
In a conversation with BeInCrypto, Hacken CEO Dyma Budorin highlighted the need for comprehensive compliance solutions in 2025.
A Need for Higher Security Measures
As 2025 approaches, experts are weighing in on the frequency of data breaches that blockchains have suffered and their negative impact on user experience. This year, crypto security breaches escalated, with losses surpassing $2.9 billion across various sectors, according to a recent Web3 security report developed by Hacken, a cybersecurity company.
Access control vulnerabilities emerged as the dominant threat vector, contributing to 75% of all hacks. This trend, observed across DeFi, CeFi, and gaming/metaverse platforms, highlighted the widespread occurrence of security weaknesses related to operational security and access management. Phishing scams also inflicted significant damage, resulting in losses exceeding $600 million.
”It’s evident that the industry can no longer overlook operational security. Comprehensive audits, strict access control protocols, and robust key management systems must become standard practices,” said Budorin in an interview with BeInCrypto.
The significant losses experienced in 2024 underscore the critical need for the crypto industry to prioritize all-encompassing security measures and comprehensive audits to reduce future breaches and protect user assets.
A Bad Year for Access Controls
Budorin pegged access control issues as the most critical challenge facing blockchain security today, especially the loss of private keys across project teams, affecting CEOs and developers.
According to Hacken’s report, in 2024, access control exploits, primarily linked to private key compromises, resulted in losses exceeding $1.7 billion. This is a substantial increase from the $1 billion reported the previous year.
“Notably, major incidents like Radiant Capital and Orbit Bridge underscore the consequences of weak key management and the absence of multi-sig solutions or regular audits,” Budorin added.
In October, a major hack targeting Radiant Capital resulted in losses of $55 million and affected more than 10,000 users. The breach involved hackers exploiting vulnerabilities to gain control of three of Radiant’s private keys, enabling them to drain funds from the platform.
Attackers exploited vulnerabilities by injecting malware onto developer devices, enabling them to intercept and manipulate legitimate transaction approvals despite using hardware wallets.
Orbit Bridge, a cross-chain bridging service, suffered a more significant hack on New Year’s Eve last year, resulting in a loss of approximately $82 million. According to Hacken, the incident marked the largest DeFi hack of 2023.
Despite using multi-signature technology, which typically requires multiple parties to authorize transactions, the attacker compromised seven out of ten signers, highlighting a critical vulnerability in the system.
The stolen funds were mainly stablecoins, including $30 million USDT, $10 million USDC, and $10 million DAI. Additionally, 231 WBTC ($10 million) and 9,500 ETH ($21.5 million) were compromised. Hackers transferred the stolen funds through an intermediary address before laundering them through a cryptocurrency mixer.
Prioritizing Higher Cybersecurity Standards
In 2025, mandatory compliance should become a reality for all projects developing on a blockchain, said Budorin.
“Mandatory compliance in 2025 will mark a turning point for the crypto industry, driving much-needed transparency, accountability, and operational resilience. Regulations such as MiCA (Markets in Crypto-Assets), DORA (Digital Operational Resilience Act), and the AML Package will require centralized crypto service providers, custodians, and other players to implement higher cybersecurity standards, robust reporting mechanisms, and strict operational procedures,” Budorin told BeInCrypto.
Beyond these jurisdictional regulations, Budorin urges all blockchain projects to address cybersecurity issues by complying with the CryptoCurrency Security Standard (CCSS). The CCSS provides a comprehensive framework for enhancing the security of cryptocurrency systems.
The CCSS’s layout emphasizes thorough key management practices. Among its compliance mechanisms, CCSS controls require secure key generation using standardized random bit generators to minimize the risk of key compromise.
Encrypted storage and controlled access mechanisms are enforced to prevent unauthorized key usage. In contrast, properly implementing multi-signature setups and distributed key management mitigate the risk of exploitation by any single entity.
These standards recommend implementing multi-layered security measures, conducting regular security audits, and establishing stringent access control guidelines.
By adhering to CCSS, organizations can significantly improve the protection of private keys. This would reduce the frequency and severity of security breaches related to access control vulnerabilities.
Budorin believes that such losses could have been avoided if Radiant Capital and Orbit Bridge had complied with CCSS guidelines.
UAE Positions Itself As A Leader in Blockchain Security
Some nations have adopted extensive protocols to ensure Web3 actors adhere to operational security practices.
“The UAE, and specifically Abu Dhabi Global Market (ADGM), is emerging as a global leader in blockchain security and innovation due to its forward-thinking regulatory framework, strategic vision, and ability to foster a thriving technology ecosystem,” said Budorin.
The ADGM is a financial-free zone on Al Maryah Island in Abu Dhabi. Established in 2013 by Federal Decree, ADGM is the city’s financial center, with its independent legal and regulatory framework.
“ADGM has established itself as a regulatory pioneer, balancing innovation with compliance. By creating clear, progressive guidelines for blockchain and digital assets, ADGM attracts businesses seeking a secure, compliant environment to grow,” explained Budorin.
In April, ADGM and Hacken signed a Memorandum of Understanding (MoU) to collaborate on enhancing blockchain security. The alliance aims to develop effective security standards and on-chain monitoring solutions within ADGM’s Distributed Ledger Technology (DLT) Foundations framework.
“Together, we are working to set global standards for Web3 security by providing cutting-edge security audits, penetration testing , and compliance solutions to blockchain projects in the UAE and beyond,” Budorin said.
Budorin hopes to see more collaborative efforts in the future that prioritize security and foster a sustainable Web3 ecosystem.
Disclaimer
Following the Trust Project guidelines, this feature article presents opinions and perspectives from industry experts or individuals. BeInCrypto is dedicated to transparent reporting, but the views expressed in this article do not necessarily reflect those of BeInCrypto or its staff. Readers should verify information independently and consult with a professional before making decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
Read the full article here
