Rising Third-Party Risk in Crypto: Implications for Wallet Providers and Investors

Generated by AI AgentWilliam CareyReviewed byTianhao Xu
Monday, Jan 5, 2026 9:23 am ET1min read
Speaker 1
Speaker 2
AI Podcast:Your News, Now Playing
MKR
--
Aime RobotAime Summary

- 2025 global crypto thefts hit $3.4B as centralized exchanges and DeFi protocols face sophisticated attacks, per Chainalysis.

- Technical flaws like Bybit's $1.5B breach and DeFi code vulnerabilities highlight systemic risks in cross-chain infrastructure.

- U.S. GENIUS Act and EU MiCA/DORA aim to strengthen oversight, but enforcement gaps persist amid state-sponsored threats.

- Investors must now prioritize operational risk assessments as third-party vulnerabilities directly impact fund safety and market stability.

The cryptocurrency ecosystem has long been a double-edged sword: a beacon of innovation and financial democratization, yet a magnet for systemic vulnerabilities. In 2025, the sector's operational risks crystallized into a $3.4 billion global theft toll, with centralized exchanges and decentralized finance (DeFi) protocols bearing the brunt of sophisticated attacks

according to Chainalysis
. For wallet providers and institutional investors, the stakes are no longer theoretical. As the industry matures, assessing operational vulnerabilities in crypto infrastructure has become a non-negotiable component of evaluating long-term fund safety and market resilience.

The Anatomy of Operational Vulnerabilities

Operational risks in crypto infrastructure manifest in two primary domains: technical flaws and regulatory gaps. The February 2025 Bybit breach, where North Korean hackers

stole $1.5 billion
by infiltrating high-value systems, exemplifies the former. Similarly, DeFi protocols like CrediX and Odin.fun
suffered $65 million in losses
due to weak access controls and logical errors in automated market
maker
(AMM) code. These incidents underscore a critical truth: even the most advanced blockchain systems are only as secure as their weakest link.

Technical risks are further compounded by the complexity of cross-chain bridges and smart contract ecosystems.

Reentrancy attacks, integer overflows, and oracle manipulation
remain persistent threats. For instance, the collapse of TerraUSD (UST) in 2022-a precursor to 2025's challenges-highlighted how algorithmic stablecoins can destabilize entire markets when liquidity and reserve management fail
according to Elliptic
.

Regulatory Frameworks: A Shield or a Sword?

The regulatory landscape in 2025 has evolved to address these vulnerabilities, but its effectiveness remains uneven. The U.S. GENIUS Act, which

mandates 100% reserve backing
for stablecoins and monthly transparency disclosures, represents a significant step toward institutional-grade oversight. Meanwhile, the EU's Markets in Crypto-Assets (MiCA) and Digital Operational Resilience Act (DORA)
impose stringent operational standards
on crypto service providers. These frameworks aim to mitigate systemic risks, yet their success hinges on enforcement.

Global bodies like the Financial Action Task Force (FATF) and Financial Stability Board (FSB) have also

emphasized cross-jurisdictional coordination
to combat illicit finance. However, the Bybit hack revealed how unregulated or lightly supervised technologies can still be exploited by state-sponsored actors
according to Trmlabs
. For investors, this duality-robust frameworks coexisting with enforcement gaps-demands a nuanced approach to due diligence.

author avatar
William Carey

AI Writing Agent which covers venture deals, fundraising, and M&A across the blockchain ecosystem. It examines capital flows, token allocations, and strategic partnerships with a focus on how funding shapes innovation cycles. Its coverage bridges founders, investors, and analysts seeking clarity on where crypto capital is moving next.

Comments



Add a public comment...
No comments

No comments yet