Logo
My Crypto News AI

When Your Crypto Wallet Gets Hacked, Who Actually Loses the Money?

Crypto custody comes down to a choice between control and convenience, and every option has failed spectacularly in 2026. BitGo Holdings became the first pure-play crypto custody business to go public on the New York Stock Exchange in January 2026, raising roughly $213 million at an $18 share price and valuing the company at just over $2 billion, built on $104 billion in client assets under custody, nearly double what it held a year earlier. Yet even as Wall Street validated institutional crypto custody at scale, the same industry watched Poland's largest crypto exchange, Zondacrypto, collapse because a single missing founder held the only private keys to a cold wallet reportedly worth around $330 million, while its hot wallet reserves had quietly drained by 99.7 percent in the months before anyone noticed.

What Are the Main Ways to Store Crypto, and How Do They Actually Fail?

Custody models split into five main categories, each with different trade-offs between security, control, and operational risk. Understanding how each one fails is essential for anyone holding digital assets, whether retail investors or institutions managing billions.

  • Self-Custody (Hot and Cold Wallets): You hold your own private keys with no intermediary, meaning no exchange can freeze your account or custodian can go bankrupt with your coins inside. The catch is total operational risk; lose your seed phrase and the funds are gone forever, expose it and attackers drain everything instantly.
  • Multisig Wallets: Signing authority splits across multiple independent keys, typically held by different people or devices, requiring a threshold like 3-of-5 to approve any transaction. Safe, formerly Gnosis Safe, dominates this space and secures signing authority for exchanges, decentralized autonomous organizations (DAOs), and institutional trading desks, but the weakness is everything built around the cryptography, not the cryptography itself.
  • MPC Wallets: A single private key splits into cryptographic shares distributed across separate parties or devices, which jointly compute a valid signature without the full key ever being reconstructed in one place. Fireblocks popularized this approach and now serves more than 2,400 organizations and over 80 banks across more than 150 blockchains with a valuation of roughly $8 billion.
  • Exchange Custody: You deposit assets with a crypto exchange, which holds them in its own wallets. The exchange can pause withdrawals, freeze accounts, or go bankrupt with customer funds trapped inside, as happened repeatedly during the 2022 and 2023 exchange collapses.
  • Qualified Custodians: Institutional-grade third parties regulated under traditional financial custody rules, offering insurance and regulatory oversight but introducing counterparty risk and ongoing fees.

The self-custody market splits broadly into hot wallets, software connected to the internet and convenient for frequent transactions, and cold wallets, hardware devices or air-gapped systems that never expose the private key to an internet-connected machine. Ledger, the largest hardware wallet maker, says its devices secure more than 20 percent of the world's crypto assets, an estimate that implies roughly $400 billion sitting in cold storage behind its hardware across more than 7 million customers. Yet by Ledger's own research, only about 10 million of an estimated 400 million crypto holders worldwide practice what it calls secure self-custody, meaning most retail holders still leave their assets with a third party by default.

How Do Multisig Wallets Get Compromised Despite Multiple Signers?

Multisig wallets are supposed to prevent any single compromised laptop or rogue employee from moving funds alone. The appeal is straightforward: the underlying cryptography is sound and battle-tested. Safe has become the default signing layer for a large share of DAO treasuries, protocol foundations, and exchange operational wallets, precisely because its contracts are open source, widely audited, and battle-tested across years of mainnet use. But real-world multisig failures reveal a pattern: the weakness is rarely the underlying cryptography; it is everything built around it.

On February 21, 2025, Bybit lost roughly $1.5 billion in Ethereum after the Lazarus Group, a hacking unit linked to North Korea, compromised a Safe developer's machine and injected malicious code into the interface Bybit's signers used to review and approve transactions. Bybit's signers, including co-founder and CEO Ben Zhou, believed they were approving a transfer to a known, whitelisted address. What they actually signed altered the smart contract logic of the cold wallet itself, letting the attackers redirect the funds.

"I checked the code, but I didn't check fully if, normally, also the address, the destination address, is not inside of that multisig signing," said Ben Zhou, describing how the compromised interface masked what the signature actually authorized.

Ben Zhou, Co-founder and CEO at Bybit

Bybit was not an isolated case. WazirX lost roughly $230 million in July 2024 when attackers exploited a mismatch between what its Safe multisig interface displayed and what it actually signed, and Radiant Capital lost around $50 million that October after malware and blind signing let attackers push a malicious ownership-transfer call through a 3-of-11 signer set. In each case the signing threshold itself held; enough legitimate signers approved a transaction because the interface lied to them about what that transaction actually did. Security researchers now push clear signing standards that decode a transaction's real effect in human-readable form before a signer approves it, alongside basics like withdrawal delays and independent transaction simulation, protections Bybit lacked at the time of its hack.

How to Evaluate Custody Options for Your Risk Tolerance

Choosing a custody model requires understanding your specific constraints and what you are willing to trade off. Here are the key factors to consider:

  • Operational Complexity vs. Security: Self-custody with Shamir's Secret Sharing or passphrases adds security by ensuring no single physical backup is enough to move funds, but the added operational complexity is part of why most casual holders never adopt it. Newer smart contract wallets built on account abstraction standards now add social recovery and spending limits on top of self-custody, narrowing the gap with custodial convenience without reintroducing a single third party as the sole point of failure.
  • Interface Trust and Clear Signing: If using multisig, verify that your signing interface displays transactions in human-readable form before you approve them. Blind signing, where you approve a transaction without understanding what it actually does, is how most multisig hacks succeed. Withdrawal delays and independent transaction simulation add friction but catch malicious transactions before they execute.
  • Key Distribution and Hardware: MPC wallets solve the problem of a single key being stolen by splitting it into shares that never reconstruct in one place, but the surrounding key-management software, hardware security modules, and policy engine are where most real-world MPC incidents actually originate. Evaluate the vendor's track record and the specific hardware and software they use to protect key shares.
  • Counterparty Risk and Insurance: Qualified custodians introduce counterparty risk and ongoing fees, but they offer insurance and regulatory oversight under traditional financial custody rules. Exchanges offer convenience but can pause withdrawals, freeze accounts, or go bankrupt with customer funds trapped inside.

Self-custody shifts all operational risk onto the holder, which is exactly why institutions, exchanges, and most retail users end up relying on one of the shared-control or third-party models for at least part of their holdings. The trade-off never fully disappears. Custody, in other words, is not a solved problem. It is a set of trade-offs between convenience, control, and counterparty risk, and the right answer changes depending on who holds the assets and why.

The 2026 custody landscape reveals a sobering reality: scale and regulatory approval do not eliminate the fundamental risks. BitGo's public debut signals that institutional custody is now a mainstream financial service, but the same year's exchange collapses and multisig hacks remind us that every custody model has a failure mode. The question is not whether your chosen custody method will fail, but whether you understand what happens when it does.