Cryptocurrency Industry Loses $2.5 Billion in First Half of 2025 Due to Hacks and Scams

In the first half of 2025, the cryptocurrency industry experienced a significant surge in losses due to hacks and scams, with nearly $2.5 billion worth of cryptocurrencies stolen across 290 incidents. This figure surpassed the total losses recorded for the entire year of 2024, indicating a troubling trend in the security landscape of digital assets.

The majority of these losses, totaling over $1.7 billion, were attributed to compromised wallets across 34 incidents. Phishing attacks were the second most prevalent, resulting in over $410 million in losses from 132 cases. Code vulnerabilities also played a significant role, leading to losses exceeding $283 million across 114 incidents. Exit scams and price manipulation, though less frequent, still contributed to combined losses of nearly $20 million. Additionally, access control exploits accounted for $42 million in damages.

After adjusting for returned and frozen funds, the net losses for the first half of 2025 stood at $2.29 billion, surpassing the adjusted total of $1.98 billion recorded for all of 2024. A significant portion of this year’s losses, approximately 72% or $1.78 billion, were due to two large-scale incidents: the Bybit hack in Q1 and the Cetus protocol exploit in Q2. Excluding these incidents, the losses for the first half of 2025 would have been around $690 million.

The first quarter of 2025 saw $1.67 billion in losses, more than double the $801 million recorded in the second quarter. While the pace of attacks slowed in the second quarter, several major incidents still contributed to substantial losses. Phishing was the most widespread attack vector in Q2, accounting for over $395 million in losses across 52 incidents. Code vulnerabilities and access control weaknesses followed, resulting in losses of $235.7 million and $36.1 million, respectively. Wallet compromises, which had dominated Q1, caused $112 million in losses from 9 incidents in Q2.

Q2 also saw several high-value breaches, including the $225.6 million exploit of Cetus, the $89.1 million hack of an exchange, and a $16.1 million attack on ALEX Lab. Other incidents involved smart contract flaws, infrastructure breaches, or compromised wallets.

Ethereum was the most targeted blockchain, suffering losses of more than $1.58 billion across 164 incidents, while BitcoinBTC-- came in second, with over $373 million lost across 10 incidents. CertiK noted that $187 million in stolen funds were returned in the first half of the year, bringing the adjusted total losses to just over $2.28 billion. Of this, $180 million was recovered in Q2 alone.

The surge in losses highlights the ongoing challenges faced by the cryptocurrency industry in securing digital assets. The significant impact of large-scale incidents underscores the need for enhanced security measures and vigilance against emerging threats. As the industry continues to evolve, addressing these vulnerabilities will be crucial for maintaining trust and ensuring the long-term viability of digital currencies.