Crypto Exchanges Should Halt Withdrawals Post-Hack, Binance Founder CZ Strongly Recommends

• CZ highlights securing private keys and backups as essential for crypto safety.
• Binance invests heavily in security to protect user funds from sophisticated threats.
• CZ recommends using trusted exchanges and proper backups to safeguard crypto assets.

The hack of cryptocurrency exchange Bybit by Lazarus Group of North Korea, which resulted in the theft of $1.4 billion worth of Ethereum, substantially heightened security concerns in the cryptocurrency industry. Binance founder Changpeng Zhao (CZ) expressed growing concern about the rising number of crypto breaches after Bybit suffered extensive theft from North Korean hackers.

Through his statements, CZ highlighted the requirement for secure measures within space and the necessity for prompt response and openness after an incident.

CZ’s Security Recommendations Amidst Crypto Breaches

Following the Bybit incident CZ utilized social media platforms to emphasize exchange protection against hacking events. CZ pointed out the alarming rise of multi-signature system exploitation in the recent Bybit hack alongside WazirX and Phemex. Hackers managed to manipulate multi-signature systems to permit unauthorized financial transactions. 

The vulnerabilities in these incidents affect the multi-signature “cold storage” systems, which were created to offer additional security for crypto assets. The researchers suggest hackers succeeded through server-side and device infiltrations despite different exchanges using different security providers.

Blockchain expert ZachXBT traced the Bybit hack to the North Korean Lazarus Group after finding wallet transaction trails connected to the Phemex exploit in January, which led to $85 million in losses. Arkham Intelligence also provided evidence that showed test transactions and transaction patterns leading to the breach.

Source: ZachXBT

CZ has urged exchanges to pause withdrawals immediately after detecting a breach. According to the expert, this preemptive security procedure gives exchanges sufficient time to investigate attacks fully and fix security issues before they reenable operations. CZ drew from his own experience with the Binance hack in 2019 where pausing withdrawals helped them recover user confidence. 

Users deposited more money than they withdrew after Binance resumed operations following its initial withdrawal suspension. According to CZ, exchanges must dedicate sufficient time to securing their systems before reopening. Withdrawal suspensions function both to prevent additional financial losses and to safeguard investor assets over the long term.

Bybit’s Transparent Approach to the Crisis

Bybit CEO Ben Zhou openly disclosed the breach, and established users could rest assured that their internal Bybit systems would remain untouched. The Lazarus Group attacked Bybit’s Ethereum cold wallet however the platform managed to run its core operations and withdrawals without problems.

Zhou said the external security breach did not affect the internal systems, so withdrawal functions continued without interruption. Industry leaders, including CZ, supported Zhou’s decision to continue operations as normal throughout the crisis.

Source: X

During the crisis, Zhou expressed gratitude toward Binance and other partners for demonstrating their combined defense against threats and solid financial position even after the major attack.