Hacken analysts say that many crypto companies do not even meet the baseline of the CryptoCurrency Security Standard, which exposes billions to insider threats and credential leaks.
In crypto, a quiet smart contract update can undo months of security work. And yet, according to analysts at blockchain forensic firm Hacken, the industry still treats audits as branding tools, not as the living checkpoints they should be.
Audits “may not be treated as a check box or a logo on your homepage,” said Dyma Budorin, CEO of Hacken, in an exclusive interview with crypto.news. According to him, too many projects rely on a static snapshot of their code and call it a day. But as soon as that code changes – and it often does – the relevance of the audit can evaporate. “Every audit becomes outdated when a contract is changed,” he warned.
The problem is not only the lack of audits, but the lack of systems that monitor code after deployment. Hacken argues that without continuous validation and re-audits, teams can be lulled into a false sense of security.
“A single function overlooked can open the door for a disaster. The real problem is not only audit coverage, it is audit relevance. We need systems that follow each change, review assumptions and are re-audited when needed. Otherwise the only thing that is needed is to break everything you thought was safe.”
Dyma Budorin
The team suggests a shift to more standardized and automated checks. Things such as symbolic execution, fuzzing and formal verification must be part of the launch checklist – not optional extras. No smart contract, they say, should go live without first passing a baseline set of automated tests.
But even that is not enough. Contract economics systems change. Upgrades happen. And sometimes they don’t – even when they should. Hacken wants to see better checks around upgradability. Protocols must encourage patching or even deactivate old contracts when risks are discovered. As the Hacken team noted: “Too often patching is left to chance – or even worse, to the grace of the hackers.”
Ultimately, the message is simple: if crypto is to grow up into an infrastructure layer – something fundamental, not just speculative – then security cannot be a side issue.
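An added example (not from Hacken or the original article) of a check that keeps an audit tied to what is actually deployed: it compares the fingerprints recorded at audit time with current on-chain state and flags every contract whose audit no longer applies, including a proxy whose logic contract was swapped while its own bytecode stayed the same. The record layout, function names and sample data are assumptions of this example; in live use the observations would come from a node, for instance via `eth_getCode`.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class AuditRecord:
    name: str
    address: str
    code_sha256: str          # fingerprint of the runtime bytecode the auditors reviewed
    implementation: str = ""  # audited logic contract, if the address is an upgradeable proxy

@dataclass(frozen=True)
class Observation:
    runtime_code: bytes       # bytecode found at the address today
    implementation: str = ""  # logic contract the proxy currently points at

def fingerprint(code: bytes) -> str:
    return hashlib.sha256(code).hexdigest()  # SHA-256 is this example's choice of hash

def audit_findings(record: AuditRecord, obs: Observation) -> list:
    findings = []
    if not obs.runtime_code:
        findings.append("no code at audited address")
    elif fingerprint(obs.runtime_code) != record.code_sha256:
        findings.append("runtime bytecode differs from audited build")
    if obs.implementation.lower() != record.implementation.lower():
        findings.append("proxy implementation changed since audit")
    return findings

def stale_audits(records, observations) -> dict:
    report = {}  # contract name -> reasons its audit no longer matches
    for rec in records:
        obs = observations.get(rec.address.lower())
        found = audit_findings(rec, obs) if obs is not None else ["address not monitored"]
        if found:
            report[rec.name] = found
    return report

# Constructed sample data: made-up addresses and bytecode, not real contracts.
VAULT, PROXY, ORACLE = "0x" + "11" * 20, "0x" + "22" * 20, "0x" + "33" * 20
VAULT_CODE, PROXY_CODE, ORACLE_CODE = b"\x60\x80vault", b"\x60\x80proxy", b"\x60\x80oracle-v1"
RECORDS = [
    AuditRecord("Vault", VAULT, fingerprint(VAULT_CODE)),
    AuditRecord("TokenProxy", PROXY, fingerprint(PROXY_CODE), implementation="0x" + "aa" * 20),
    AuditRecord("Oracle", ORACLE, fingerprint(ORACLE_CODE)),
]
OBSERVED = {
    VAULT: Observation(VAULT_CODE),                                   # unchanged
    PROXY: Observation(PROXY_CODE, implementation="0x" + "bb" * 20),  # logic swapped
    ORACLE: Observation(b"\x60\x80oracle-v2"),                        # code replaced
}
```

Running `stale_audits(RECORDS, OBSERVED)` on the constructed data reports TokenProxy and Oracle as needing a re-audit and leaves Vault out.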
Multisig is not enough
However, code is not always the problem. In some of the largest crypto breaches, it is the off-chain stuff that breaks first. Take Bybit, for example. The exchange lost almost $1.5 billion due to a compromised multisig arrangement. Not because of a bug in the code, but because of what looks like poor operational security.
“Many crypto platforms neglect fundamental off-chain security principles, secure operational practices and specific requirements described in the CryptoCurrency Security Standard, making themselves vulnerable to similar threats.”
Dmytro Yasmanovych, Head of Compliance at Hacken
Yasmanovych said that the team recommends that crypto companies urgently implement or strengthen various practical security controls in accordance with the CCSS. These include, for example, implementing multi-factor authentication using secure, hardware-backed methods – such as biometric solutions or physical tokens – in all critical off-chain operations to defend against credential-based attacks.
He also emphasized the need for a clear policy for transaction authorization, with documented roles, approval thresholds and procedures to prevent unauthorized activities. In addition, Yasmanovych advised companies to define and enforce secure, encrypted communication channels for sensitive operations, including transaction requests and approvals.
Exit liquidity dressed as innovation
But perhaps the most controversial insight from Hacken was reserved for the LIBRA token, a politically hyped memecoin that ended in a textbook rug pull. According to the Hacken team, insiders may have walked away with more than $300 million by selling into the market hype.
The LIBRA token had claimed to introduce ‘concentrated liquidity’, but for the CEO of Hacken, that was not what it was.
“For newcomers it sounds like they strengthen the market or add value to the token, but in reality it was just an advanced way to place large sales orders at specific price points. When the price is due to the hype, those orders have been converted into cash that converts income into space into space and turnover into space in space.”
Dyma Budorin
Hacken believes that crypto can – and should – borrow a number of ideas from traditional finance to avoid things like this. In regulated markets, insiders must disclose large holdings and planned sales. Perhaps crypto projects should start to do the same. Publication of tokenomics, vesting schedules and team allocations must be the norm, not the exception.
And although full regulation is still a matter of debate, Hacken suggests that the space needs at least oversight mechanisms. Think of third-party monitoring platforms, public assessment systems or watchdogs that can flag strange token behavior or unusual liquidity events before it is too late. Until then, trust remains shaky. And every exit scam or stealth mint will only drag crypto further away from public legitimacy.