Image: Getty Images/ For illustrative purposes
The global crypto community was shaken on February 21, as news broke of the largest crypto hack in history.
North Korea’s notorious state-sponsored hackers pulled off a monumental heist on crypto exchange, Bybit, and made off with some $1.5bn in ether (ETH). Having cut their teeth on projects such as the Sony Pictures Hack of 2014 and graduated to the big leagues with 2017’s infamous WannaCry ransomware campaign, Lazarus now poses a very real threat to exchanges across the globe, including the UAE.
The UAE has established itself as a leader in crypto regulation, fostering a secure and well-governed environment for digital assets. Its regulators oversee crypto activities to ensure compliance and transparency, while initiatives like government-backed cross-border crypto transactions with Saudi Arabia’s central bank signal a commitment to innovation. Commercial banks are also embracing the sector, with Emirates NBD launching crypto trading in March 2025.
All these positive developments have fueled the crypto market’s growth, but an unfortunate side effect of this momentum is that it has made the sector an attractive target. As global interest in crypto grows, so too does the incentive for cybercriminals to target digital assets — underscoring the need for continuous vigilance across the entire ecosystem. There’s correlation between market upswing and threats that has played out before — stolen funds last peaked during the crypto boom years of 2021-2022. And with a potential resurgence in 2024, the risk of high-profile heists is growing.
This presents a significant risk to exchanges operating in the Emirates. It is a crowded market and brand recognition is often the major draw for customers. Consequently, good press fuels success, but the wrong kind of story — even briefly — can shatter consumer confidence and erase them from relevance. Cybersecurity thrives on cautionary tales, but crypto depends on the unbreakable trust in its infrastructure. To stay ahead of digital threats, exchanges must outmatch the ingenuity of attackers — because the industry’s survival depends on it.
Call to arms for crypto exchanges
Crypto assets and services can bring many benefits to the UAE banking system. They can diversify it and rekindle enthusiasm for banking among a now largely digital-native populace. There are signs that financial organisations in the UAE, and surrounding Gulf nations, are beginning to grasp some of the truths about the crypto world. For example, far from being the shadowy, anonymised environment portrayed by its detractors, blockchains are the most auditable transaction ecosystems in existence. All that remains is for governments and institutional investors to embrace these systems.
The remaining challenges to widescale normalisation of crypto mostly hinge on wallet and exchange security. Chainalysis’ 2025 Crypto Crime Report revealed the outsized role North Korea-affiliated actors are playing in crypto-related incidents and how this role has grown. North Korean groups stole around $660m across 20 incidents in 2023. In 2024, they were responsible for more than double the previous year’s tally — $1.34bn across 47 incidents.
This level of escalation cannot go unchallenged. It falls to those who run exchanges or are exploring the possibility of offering crypto services to take steps to prevent Lazarus-type actors from disrupting or demolishing ownership guarantees. Tools already exist to help with crypto security.
Even crypto end-users have access to free resources that allow them to verify transactions and enhance their on- and off-chain security provisions.
Strengthening defences
To defend against large-scale breaches, there are some best practices exchanges and other service-providers can follow. Chainalysis has come up with these approaches through in-depth discussions with chief information security officers (CISOs). The experts strongly urge the implementation of stronger Web2 security like endpoint detection and response (EDR). Many of these tools are advanced enough in their threat intelligence to help identify and mitigate potential threats on devices used by exchange employees.
Web2 measures also include the protection of signing computers by air-gapping — disconnecting them from the internet or any internet-exposed resource. These machines should be used only for signing crypto transactions. Where a hardware node must access a cold wallet, it should be subject to the most meticulous security measures — strictly secured and access-controlled. API key storage should integrate hardware security modules (HSMs), which add another layer of authentication.
When it comes to Web3 infrastructure, there’s an imperative for a dedicated process for communication between signers to ensure all approvals account for all possible nuances and variations between the parties. In addition, multi-party computation (MPC) wallets reduce reliance on single points of failure in the management of keys. Solutions are also available to govern the wallets themselves by, for example, limiting transfer amounts.
The reals of the real-world
Humans are, of course, part of the security apparatus and are famously its most common point of failure. And while simple errors are known to lead to incidents daily, sometimes we find that an infiltration is tied to an insider voluntarily aiding a threat actor. In some documented instances, North Korean IT workers infiltrated crypto service providers and Web3 companies using fake identities.
A recent US Department of Justice (DOJ) case indicted 14 DPRK nationals who, as remote workers, stole proprietary information and extorted their employers to acquire more than $88m. Security best-practice measures must include thorough background checks for potential recruits, and the training of employees to recognize social-engineering tactics.
A wake-up call
The UAE has a glowing future in crypto adoption if providers can tackle the momentous task of securing assets and transactions. It requires commitment and constant engagement, but it is not an insurmountable challenge.
Given the right investment in the right tools and policies, UAE crypto providers can ensure they do not become the next cautionary tale.
The writer is the VP – South EMEA, Central & South Asia at Chainalysis.
!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js?v=next’);
