Blockchain Security Report Reveals Rising Cyber Threats in 2025

Blockchain security incidents in 2025 led to over $2.9 billion in losses, according to a report by SlowMist. The number of incidents decreased from 410 in 2024 to 200 in 2025, but the average loss per event more than doubled. This indicates a shift in tactics by attackers toward high-value targets and centralized platforms.

Ethereum was the most impacted platform with $254 million in losses, followed by Binance Smart Chain (BSC) and SolanaSOL--. Decentralized finance (DeFi) protocols accounted for 63% of all incidents, with 126 attacks resulting in $649 million in losses. In contrast, centralized exchanges experienced fewer incidents but incurred higher losses, with Bybit suffering a $1.46 billion breach according to data.

Centralized exchanges faced fewer but larger breaches, with Bybit's $1.46 billion loss being the most severe. The breach at Bybit was attributed to sophisticated state-sponsored actors, marking the largest single cryptocurrency heist in history. This single incident accounted for over 80% of the total losses from centralized exchange breaches in 2025.

Why Did This Happen?

Attackers shifted focus from low-value targets to high-liquidity platforms and centralized chokepoints according to reports. This trend was driven by organized crime syndicates and nation-state actors, particularly those linked to North Korea. Attackers employed more sophisticated tactics, including multi-stage operations and structured laundering processes as research shows.

The use of Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) lowered the barrier to entry for less skilled criminals, enabling them to launch complex attacks. Phishing campaigns also evolved, incorporating AI-generated content to mimic customer support agents and project founders, making them more convincing.

How Did Markets Respond?

Regulatory enforcement and anti-money laundering (AML) efforts increased in response to the growing threat landscape. Law enforcement agencies froze assets and imposed sanctions, with TetherUSDT-- and Circle freezing USDTUSDT-- and USDCUSDC-- on multiple addresses. Across 18 major incidents, approximately $387 million was recovered or frozen.

The shift in regulatory focus from entities to the infrastructure facilitating crime marked a significant change in enforcement strategies. Regulators are now targeting malware networks, dark web markets, and laundering hubs. This broader scope of enforcement reflects the growing complexity of cyber threats in the crypto industry.

What Are Analysts Watching Next?

Industry experts call for stronger security frameworks and compliance measures. Projects that cannot demonstrate strong key management, permission design, and credible AML frameworks may find themselves cut off from banking partners and users. Investors and users are also advised to maintain active vigilance due to the increasing sophistication of attacks.

The Bybit hack demonstrated that top-tier platforms have the capital depth to absorb large security breaches. However, the concentration of risk in centralized platforms raises concerns about long-term stability. As the industry matures, security standards, audits, and user education will become increasingly important for trust and stability.

Overall, 2025 exposed deep structural weaknesses in the security of the crypto industry. From state-sponsored attacks to basic approval exploits, hackers showed an increasing level of sophistication. As the industry moves forward, the lessons learned from 2025 will shape the future of security and compliance in the blockchain space.