What Bybit and Safe Got Wrong

Security expert says the $1.5 billion hack from Bybit was entirely preventable.

How the $1.5 Billion Bybit Hack Could Have Been Prevented - Ep. 791

North Korea’s Lazarus Group pulled off its biggest heist yet, stealing $1.5 billion from Bybit in what has turned out to be an entirely preventable hack. Security expert Mudit Gupta explains why.

Crypto derivatives exchange Bybit just became the latest victim of North Korea’s elite hacking unit, the Lazarus Group. They didn’t brute-force their way in. They didn’t exploit some obscure vulnerability. Instead, they tricked a trusted developer, slipped in malicious code, and took off with a fortune.

How did this happen? Why was $1.5 billion sitting in a single wallet? What mistakes did Bybit and Safe make? And, more importantly, what needs to change to stop this from happening again?

This week, Mudit Gupta, chief information security officer at Polygon, joins Unchained to expose the security failures, the sophisticated tactics Lazarus used, and why crypto still hasn’t learned its lesson.

Listen to the episode on Apple Podcasts, Spotify, Pods, Fountain, Podcast Addict, Pocket Casts, Amazon Music, or on your favorite podcast platform.

Now, let’s get into this week’s news! In today’s edition:

  • ⚖️ The SEC suddenly drops major crypto cases.

  • 📜 A key securities rule could be rewritten for crypto.

  • 💰 A top exchange pays $500M to U.S. regulators.

  • 🏛️ Ethereum’s leadership shake-up leaves big questions.

  • 📈 Solana ETF listing fuels spot fund speculation.

  • 🚨 A prison tweet sends FTX’s token soaring.

  • 💸 FTX’s bankruptcy costs hit nearly $1 billion.

  • 🕵️ A 3AC-linked exchange faces insolvency and allegations.

  • 🔍 A new trading move could disrupt Solana DeFi.

  • 🏦 Bank of America is eyeing a stablecoin launch.

SEC Dismisses Multiple Crypto Investigations

The U.S. Securities and Exchange Commission (SEC) has dismissed multiple enforcement actions against major cryptocurrency firms, signaling a significant shift in its approach. Over the past week, the regulator has formally closed cases involving Coinbase, Uniswap, Robinhood Crypto, OpenSea, Gemini, and agreed to pause the investigation into Justin Sun’s companies.

The dismissals began with Coinbase, which announced that the SEC would drop its lawsuit against the company. The lawsuit, originally filed in June 2023, accused Coinbase of operating as an unregistered securities exchange. Under the agreement, Coinbase will not pay any fines or modify its business practices. The case is set to be dismissed with prejudice, ensuring that it cannot be refiled. The final decision now rests with a vote by SEC commissioners Mark Uyeda, Hester Peirce, and Caroline Crenshaw.

Following this decision, the SEC also ended its investigation into Uniswap. The decentralized exchange had been under scrutiny after receiving a Wells Notice last year, indicating that enforcement action was being considered. Uniswap confirmed in a statement that the SEC had officially closed the case with no further action, allowing the platform to continue its operations without changes.

The SEC also dropped its investigation into Robinhood Crypto, closing the case without pursuing any charges. The inquiry focused on whether Robinhood’s crypto trading services constituted unregistered securities offerings. Robinhood’s Chief Legal Officer, Dan Gallagher, strongly criticized the SEC’s decision to investigate in the first place, stating, “Let me be crystal clear—this investigation never should have been opened.”

Another major case dismissed by the SEC involved major NFT marketplace OpenSea. The platform had been under investigation over allegations that it was operating as an unregistered securities exchange. OpenSea CEO Devin Finzer welcomed the decision, emphasizing that classifying NFTs as securities would have created legal uncertainties and hindered innovation.

On Wednesday, the SEC also closed its case against Gemini, the cryptocurrency exchange co-founded by Cameron and Tyler Winklevoss. Cameron Winklevoss strongly criticized the agency’s handling of the matter. He stated that the prolonged legal battle had cost the company tens of millions of dollars in legal fees and hundreds of millions in lost business opportunities. Winklevoss also argued that the SEC’s actions had caused widespread financial damage to the broader industry.

In addition to these dismissals, the SEC has requested a 60-day pause in its lawsuit against Justin Sun and his affiliated companies, which include the Tron Foundation and BitTorrent. The lawsuit, filed in March 2023, accused Sun of selling unregistered securities and engaging in manipulative trading practices. The SEC and Sun jointly requested the pause to allow time for settlement discussions, but the outcome remains uncertain.

SEC Task Force Considers Howey Test Revisions

Following the series of dismissed crypto cases, the SEC’s Crypto Task Force is now reviewing whether securities laws have been misapplied to digital assets, Unchained reported. A group of lawyers argued before the task force that the SEC has wrongly expanded its jurisdiction under former Chairman Gary Gensler, using the Howey Test to regulate staking, airdrops, and NFTs.

The task force, launched last month by Acting Chair Mark Uyeda and led by Commissioner Hester Peirce, is also assessing whether the agency should narrow its definition of “brokers” and “dealers.” Lawyer J.W. Verrett said the SEC’s enforcement tactics had created regulatory confusion, stating, “These reforms help the SEC undo the Gordian knot.”

OKX Settles DOJ Charges

Not all crypto companies got good news this week! Amid a broader shift in U.S. crypto enforcement, crypto exchange OKX settled with the U.S. Department of Justice (DOJ) over allegations that it operated as an unlicensed money transmitter and facilitated illicit transactions. The settlement, announced Monday, requires Aux Cayes FinTech Co. Ltd., an OKX affiliate, to pay more than $500 million, including $84 million in penalties and $421 million in forfeited fees earned from U.S. customers.

According to DOJ Acting U.S. Attorney Matthew Podolsky, OKX enabled over $5 billion in suspicious transactions and criminal proceeds. The agency also alleged that an OKX employee instructed U.S. users to bypass restrictions by entering false information, stating, “Just put a random country and it should go through.”

Ethereum Foundation Director Steps Down

The Ethereum Foundation is undergoing a major leadership shake-up as Aya Miyaguchi, its executive director since 2018, announced she is stepping down from the role. Miyaguchi will transition to a newly created position as foundation president, where she will focus on institutional partnerships and Ethereum’s cultural vision, she shared in a blog post on Tuesday.

Her departure comes as Ethereum faces growing competition from rival blockchains like Solana and mounting criticism over its technical roadmap, marketing strategy, and lack of DeFi support. Some community members had been calling for leadership changes, pointing to Ethereum’s lagging token performance compared to Bitcoin and Solana.

Ethereum co-founder Vitalik Buterin will personally select Miyaguchi’s replacement, though no successor has been named yet.

Some Ethereum supporters remain skeptical of the move, with former core developer Eric Conner posting, “No one knows what ‘President’ is. No one knows the new leadership structure.”

Memecoins Are Not Securities, SEC Says

The U.S. Securities and Exchange Commission has formally stated that memecoins do not qualify as securities, signaling a hands-off approach to their regulation. 

In a statement published on Thursday, the SEC’s Division of Corporation Finance described memecoins as tokens inspired by internet culture, characters, or trends that lack utility or financial backing, placing them outside the scope of federal securities laws.

The announcement echoes remarks made earlier this month by SEC Commissioner Hester Peirce, who leads the agency’s Crypto Task Force. Peirce previously said most memecoins did not meet the Howey Test’s definition of a security, adding: “People must decide for themselves, not look to Mama Government to bail them out when they do something that turns out badly.”

Despite its revised stance on memecoins, the SEC warned that fraudulent or misleading memecoin projects could still face enforcement action if they attempted to disguise securities by labeling them memecoins. The agency said it would assess “the economic realities of the particular transaction” in such cases.

Solana Futures ETFs Appear on DTCC List, Raising Hopes for Spot Approval

The Depository Trust and Clearing Corporation (DTCC) has listed two Solana futures exchange-traded funds (ETFs) from Volatility Shares, marking the first Solana-based ETFs to appear on its fund list, The Block reported Wednesday.

The two funds, Volatility Shares Solana ETF (SOLZ) and Volatility Shares 2x Solana ETF (SOLT), aim to provide exposure to Solana futures contracts. While a third proposed -1x leveraged ETF was initially filed, it did not appear on DTCC’s list.

This development could improve the odds of a spot Solana ETF approval. Earlier this month, the SEC acknowledged spot Solana ETF filings from multiple issuers, including 21Shares, Bitwise, Canary, and VanEck.

While DTCC listing does not guarantee immediate trading, past cases—such as VanEck’s spot Ethereum ETF—suggest that approval could follow within months.

FTX Token Surges After Sam Bankman-Fried Posts From Prison

FTX’s native token FTT briefly spiked 40% on Monday after a series of tweets were posted from Sam Bankman-Fried’s X account—his first online activity in two years. Bankman-Fried, the former CEO of FTX, is currently serving a 25-year sentence for fraud and conspiracy at the Metropolitan Detention Center in Brooklyn.

The tweets, which referenced government layoffs and corporate firings, were posted as Elon Musk’s federal workforce efficiency directive made headlines. Bankman-Fried’s account stated, “I have a lot of sympathy for gov’t employees: I, too, have not checked my email for the past few (hundred) days.” FTT quickly jumped to $2.12, before falling below $1.80 within 30 minutes.

While Bankman-Fried does not have direct access to social media, he can communicate through Corrlinks, a prison messaging system. It remains unclear who posted the tweets, but they have reignited speculation around his influence on crypto markets.

Law firm Sullivan & Cromwell has received $248.6 million, while Alvarez & Marsal, a financial consulting firm, has collected $306 million. The total cost still pales in comparison to Lehman Brothers’ 2008 bankruptcy, which exceeded $6 billion, but remains staggering for an exchange that held between $10 billion and $50 billion in assets at the time of its collapse.

OX.FUN Faces Insolvency Fears

OX.FUN, the crypto exchange launched by Three Arrows Capital (3AC) founders Su Zhu and Kyle Davies, is nearing insolvency, with liquid assets dwindling to just $1.7 million, according to onchain data reviewed by Coinbase head of product Conor Grogan. If the pending $1 million in USDC withdrawal requests are processed, the exchange’s stablecoin reserves could drop to roughly $1,000.

The liquidity crisis follows accusations from JefeDAO, an artist collective, that OX.FUN attempted to extort $1 million from them by conditioning fund returns on positive social media promotion. OX.FUN denies the allegations, instead claiming that JefeDAO engaged in an “oracle manipulation attack” involving JAILSTOOL, a meme coin linked to Barstool Sports founder Dave Portnoy.

Despite the concerns, OX.FUN’s pseudonymous head of treasury insists the exchange is not insolvent but has paused large withdrawals due to “market volatility.”

Pump.Fun Reportedly Testing AMM, Threatening Raydium’s Market Share

Pump.Fun, the popular Solana-based memecoin launchpad, appears to be developing its own automated market maker (AMM), potentially disrupting Raydium, the largest AMM on the blockchain. The discovery was first reported by onchain analyst @trenchdiver, who shared a link to a Pump.Fun-branded AMM interface currently in beta.

If confirmed, this move would bypass Raydium’s liquidity pools, where Pump.Fun tokens currently migrate after reaching a certain trading threshold. By keeping trading within its own ecosystem, Pump.Fun could capture more fees and expand its revenue model, which has already generated over $500 million in fees since early 2024.

Speculation around the AMM launch sent Raydium’s RAY token down 25% on Monday, as investors worried about the potential loss of trading volume. Pump.Fun has not officially commented on the development, but blockchain data shows it has already tested liquidity pools with a trial token called Snowfall (CRACK).

Bank of America Signals Readiness to Launch Stablecoin

Bank of America CEO Brian Moynihan said that the bank is prepared to launch its own U.S. dollar-backed stablecoin if Congress legalizes it. Speaking at the Economic Club of Washington, D.C. on Tuesday, Moynihan stated, “If they make that legal, we will go into that business.”

This comes as Congress pushes to pass stablecoin legislation within the first 100 days of the Trump administration. Lawmakers, along with White House Crypto and AI Czar David Sacks, have indicated bipartisan support for regulatory clarity in the sector.

Moynihan compared stablecoins to money market funds and bank accounts, emphasizing that legal approval would allow Bank of America to treat them similarly to foreign currencies.

Watch the weekly recap on YouTube!