How Crypto Users Get Rekt and How You Can Stay Safe - Ep. 987 - Unchained Recap

Podcast: Unchained

Published: 2025-12-24

Duration: 1 hr 19 min

Guests: Pablo Sabbatella, Isaac Patka

Summary

Crypto users face increasing risks from social engineering as North Korean hackers infiltrate Web3 companies. Experts provide strategies to enhance security and prevent massive losses.

What Happened

In 2025, the Bybit hack stunned the crypto world with a $1.5 billion loss, marking the largest hack in history. This event highlighted the vulnerabilities in crypto security, emphasizing that 99% of funds are now stolen due to operational security issues rather than smart contract exploits, as noted by Pablo Sabbatella.

Social engineering has become the primary threat to crypto security, with Isaac Patka highlighting that fake podcast interviews and reporters are among the tactics used by hackers. This evolution in hacking techniques calls for more robust security measures beyond just relying on smart contract protections.

North Korean hackers are actively infiltrating crypto and tech companies, with 40-50% of job applications in the Web3 space potentially coming from them. These hackers use 'laptop farms' in the U.S. to mask their locations, making it crucial for companies to conduct thorough identity verifications through video calls and cultural consistency checks.

Pablo Sabbatella and Isaac Patka stress the importance of not relying solely on test transactions, as these can lead to address poisoning. Instead, they recommend using hardware wallets and diversification strategies, including multi-signature and custodial services to minimize risks.

The SEAL 911 initiative plays a vital role in responding to crypto attacks, offering a volunteer emergency response group to help secure protocols under attack. Their frameworks and resources are designed to provide best practices for both individuals and companies to protect their assets.

Privacy in crypto is also a significant focus, with tools like privacy pools offering users the ability to prove innocence and enhance security. These measures, alongside strong operational security practices, are essential in safeguarding against the growing sophistication of crypto-related threats.

Key Insights

• In 2025, the Bybit hack resulted in a $1.5 billion loss, the largest in crypto history, with 99% of stolen funds attributed to operational security issues rather than smart contract exploits.
• Social engineering, including fake podcast interviews and reporters, has become the primary threat to crypto security, necessitating more robust measures beyond smart contract protections.
• North Korean hackers are infiltrating crypto and tech companies, with 40-50% of Web3 job applications potentially originating from them, using 'laptop farms' in the U.S. to disguise their locations.
• Test transactions can lead to address poisoning, so using hardware wallets and diversification strategies like multi-signature and custodial services is recommended to minimize risks.