Every cryptocurrency exchange is a honeypot with a user interface. The custody wallets, the signing infrastructure, and the treasury management tools inside a mid-sized exchange contain more directly extractable value than almost any other software system on the internet. That reality has shaped the threat model for well over a decade, but the specific contours of the threat have shifted in the last two years toward supply chain attack patterns that most engineering organizations have never had to defend against.
The Ronin Bridge hit on 23 March 2022, where Lazarus-attributed actors extracted roughly $625 million in ETH and USDC, was the loudest reminder of the stakes. The Atomic Wallet event in June 2023 — $100 million in aggregate user losses — followed a related playbook. The Stake.com breach in September 2023 bled roughly $41 million. Poloniex lost approximately $100 million on 10 November 2023. The HTX and HECO Chain incidents in November 2023 added another $100 million. Each of these had different proximate mechanics, but they shared a common ancestor: a supply chain compromise, a developer workstation compromise, or a build pipeline compromise that the exchange had failed to anticipate.
The threat model that actually applies
A typical enterprise software organization's threat model includes financial fraud, ransomware, and credential theft. A cryptocurrency exchange's threat model has to include state-sponsored theft by actors who will invest twelve to twenty-four months of operator time into a single target. Lazarus's activity through 2024 — tracked in detail by TRM Labs, Chainalysis, and Mandiant — shows a group that will build a custom malware toolkit for a single exchange, maintain dwell time of over a year inside a target's build infrastructure, and patiently wait for a production deployment cycle to insert a signed payload.
The 3CX compromise in March 2023, attributed by Mandiant to a DPRK cluster that overlaps with Lazarus, was the cleanest public example of how this works. 3CX's own build pipeline was compromised. A legitimately signed installer shipped to hundreds of thousands of customers — not a cryptocurrency exchange, but the same tradecraft. If you run an exchange and your build infrastructure looks architecturally similar to 3CX's, the same outcome is possible.
Where the supply chain actually sits
An exchange's supply chain has several distinct zones, each with its own risk profile.
The trading engine and order book. Typically built in C++, Rust, or Java for latency, these systems have relatively small direct dependency footprints but live inside a build pipeline that pulls libraries from public package repositories.
The wallet and signing infrastructure. This is the highest-value zone. Code that touches private keys — whether HSM-backed hot wallets, multi-party-computation signing services, or cold-storage workflows — has the tightest threat model. The 2023 and 2024 disclosures from Fireblocks, Conio, and several internal exchange teams all pointed toward supply chain hardening as the next frontier for this zone.
The frontend and customer-facing services. Exchanges run web UIs, mobile apps, and market-data services with dependency graphs that look like any other modern fintech — React or Vue, Node.js backends, mobile clients in React Native or native. The Stake.com compromise, which Coinbase's Conor Grogan and others linked to a private-key exposure through a frontend-adjacent vector, shows how a vulnerability in this zone can still reach signing infrastructure if segmentation is weak.
The treasury, finance, and back-office. Often the most boring systems in the org, these handle tax, accounting, and fiat settlement. They are also typically built on SaaS vendors whose own supply chain hygiene is variable, and they have access to the banking relationships that make off-ramping cryptocurrency theft possible.
What concrete hardening looks like
The exchanges that have meaningfully reduced their supply chain exposure have converged on a set of controls that are specific enough to name.
They treat the wallet and signing code as a separate security domain with its own build pipeline, its own artifact repository, and its own source of truth for dependencies. A package that is permitted in the general company codebase is not automatically permitted in the signing codebase. Every dependency addition in the signing domain requires human review of the maintainer, the repository history, and the cryptographic attestations on the published artifact.
They use reproducible builds for the signing domain, with independent verification by at least two separate build hosts. Divergent output — even one byte — triggers an incident. The Keygen.sh team and several exchange security blogs described the internal tooling for this in 2023 and 2024.
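As an added illustration of that check (not code from any exchange or vendor named here), the sketch below compares per-artifact SHA-256 manifests published by independent build hosts and reports any divergence. The host names, artifact names and artifact bytes are constructed for the example.

```python
import hashlib

def digest_manifest(artifacts):
    """Map artifact name -> SHA-256 hex digest, as one build host would publish it."""
    return {name: hashlib.sha256(data).hexdigest() for name, data in artifacts.items()}

def compare_builds(manifests):
    """Compare manifests keyed by build host; an empty result means every host agrees."""
    if len(manifests) < 2:
        return ["need manifests from at least two independent build hosts"]
    findings = []
    names = sorted(set().union(*(m.keys() for m in manifests.values())))
    for name in names:
        seen = {host: m.get(name) for host, m in manifests.items()}
        # An artifact one host never produced is as suspicious as a changed one.
        missing = sorted(h for h, d in seen.items() if d is None)
        if missing:
            findings.append(f"{name}: missing on {', '.join(missing)}")
        if len({d for d in seen.values() if d is not None}) > 1:
            findings.append(f"{name}: digest mismatch")
    return findings

# Constructed sample: host-b's signer differs in its final byte, host-c lacks policy.json.
SIGNER = b"\x7fELF" + b"constructed signing-service build output"
POLICY = b'{"quorum": 2}'
HOST_A = digest_manifest({"signer.bin": SIGNER, "policy.json": POLICY})
HOST_B = digest_manifest({"signer.bin": SIGNER[:-1] + b"T", "policy.json": POLICY})
HOST_C = digest_manifest({"signer.bin": SIGNER})

def demo():
    return compare_builds({"host-a": HOST_A, "host-b": HOST_B, "host-c": HOST_C})

if __name__ == "__main__":
    for finding in demo():
        print("INCIDENT:", finding)
```

A non-empty result is the signal to stop promotion of the artifact and open an incident.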
They separate developer workstations from build infrastructure, and they sandbox the execution of package manager install scripts. The Kimsuky and Lazarus "contagious interview" campaigns that Palo Alto's Unit 42 documented in November 2023 targeted developer workstations specifically. An exchange whose developers run npm install on their primary laptop is carrying a risk that the threat model does not tolerate.
They require hardware-backed signing of commits, artifacts, and deployments. Sigstore, cosign, and in-toto have matured to the point where an end-to-end signing chain from source to deployment is achievable with reasonable engineering investment. For wallet-adjacent code, the signing chain is no longer optional.
They restrict access to the package registries. Rather than pulling directly from npm, PyPI, or crates.io, the build pipeline pulls from an internal proxy that enforces an allowlist of packages and versions. A new dependency does not arrive in production without deliberate review.
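One way to enforce that rule in CI, shown as an added example rather than any exchange's actual tooling: audit an npm package-lock.json so that every locked package is on the allowlist, resolves through the internal proxy, and carries a pinned integrity hash. The proxy hostname, the allowlist and the package names are hypothetical.

```python
import json
from urllib.parse import urlparse

# Assumptions: hypothetical proxy hostname and allowlist; package names are constructed.
INTERNAL_REGISTRY_HOST = "registry.internal.example"
ALLOWLIST = {"@example/signer-utils": {"2.1.0"}, "example-lib": {"1.4.0"}}

def audit_lockfile(lock_text, allowlist=ALLOWLIST, registry_host=INTERNAL_REGISTRY_HOST):
    """Return violations in an npm package-lock.json (lockfileVersion 2 or 3)."""
    violations = []
    for path, meta in json.loads(lock_text).get("packages", {}).items():
        if path == "":  # the root project entry, not a dependency
            continue
        # Nested installs look like node_modules/a/node_modules/b; keep the last name.
        name = path.rpartition("node_modules/")[2]
        version = meta.get("version")
        if version not in allowlist.get(name, set()):
            violations.append(f"{name}@{version}: not on allowlist")
        if urlparse(meta.get("resolved", "")).hostname != registry_host:
            violations.append(f"{name}@{version}: resolved outside internal proxy")
        if not meta.get("integrity"):
            violations.append(f"{name}@{version}: no integrity hash pinned")
    return violations

# Constructed lockfile: one compliant package, one unapproved version fetched
# from the public registry, and one transitive dependency nobody reviewed.
SAMPLE_LOCK = json.dumps({"lockfileVersion": 3, "packages": {
    "": {"name": "signing-service", "version": "0.0.0"},
    "node_modules/@example/signer-utils": {
        "version": "2.1.0", "integrity": "sha512-CONSTRUCTED",
        "resolved": "https://registry.internal.example/@example/signer-utils/-/signer-utils-2.1.0.tgz"},
    "node_modules/example-lib": {
        "version": "1.4.1", "integrity": "sha512-CONSTRUCTED",
        "resolved": "https://registry.npmjs.org/example-lib/-/example-lib-1.4.1.tgz"},
    "node_modules/example-lib/node_modules/example-nested": {
        "version": "0.3.0",
        "resolved": "https://registry.internal.example/example-nested/-/example-nested-0.3.0.tgz"},
}})

if __name__ == "__main__":
    for violation in audit_lockfile(SAMPLE_LOCK):
        print("BLOCK:", violation)
```

Transitive dependencies are checked the same way as direct ones, which is where an unreviewed package is most likely to slip in.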
CVEs and incidents worth cataloging
Several specific vulnerabilities and incidents shaped exchange hardening practice over 2023 and 2024. The ledger-live-desktop compromise, where the ledger-live-connect-kit npm package was backdoored on 14 December 2023 and drained approximately $484,000 from dApps that integrated it before being pulled, was a direct supply chain attack on cryptocurrency infrastructure. Every exchange that relied on third-party wallet connection libraries was forced to reconsider that dependency.
CVE-2023-38545, the curl SOCKS5 heap buffer overflow disclosed 11 October 2023, affected an enormous fraction of the Linux and macOS development tooling that exchange engineers use daily. Exchanges that had an inventory quickly identified and updated every system; exchanges that did not found themselves racing to enumerate a decade of accumulated tooling.
CVE-2024-3094, the xz-utils backdoor Andres Freund disclosed on 29 March 2024, was the clearest recent example of a long-dwell upstream compromise. The backdoor, staged over two years by an operator using the handle Jia Tan, would have reached production Linux distributions had Freund not caught it in pre-release testing. The lesson for exchanges was not "patch xz" — it was "your threat model includes two-year social engineering campaigns against single-maintainer open-source projects."
How Safeguard Helps
Safeguard applies reachability analysis to the signing and wallet codebases to isolate the CVEs that matter from the noise of the unreachable majority, a distinction that matters even more when the code in question touches private keys. Griffin AI correlates newly published packages and maintainer changes against known DPRK infrastructure and long-dwell compromise indicators like the xz-utils pattern, flagging anomalies before they reach your build. Our SBOM pipeline gives the security team a ground-truth inventory of every dependency in the signing domain, the trading engine, and the customer-facing stack, and the TPRM module scores custody vendors, liquidity providers, and market-data suppliers against live threat intelligence. Policy gates enforce commit signing, reproducible-build verification, and dependency allowlists, blocking promotion of any artifact that would regress the posture your board has documented to regulators.