Smart Contract Hacks Surge Past $3.9B in 2025 as Third-Party Breaches Escalate

• Crypto hacking losses reached $3.95 billion in 2025 with North Korean groups
  dominating thefts
  .
• Third-party breaches caused catastrophic incidents like the $1.5B ByBit heist via Safe{Wallet}
  according to reports
  .
• Supply chain attacks
  compromised Trust Wallet's extension
  resulting in $8.5 million losses.
• An unexplained cross-chain exploit
  drained hundreds of wallets
  with $107,000 stolen to date.

Smart contract hacks inflicted unprecedented damage on crypto ecosystems in 2025,

. Third-party breaches and supply chain vulnerabilities dominated attack vectors, . North Korean cyber groups amplified risks through sophisticated phishing operations targeting operational weaknesses. The industry faces mounting pressure to harden security protocols as threats evolve beyond technical flaws.

How Did Third-Party Vulnerabilities Drive Record Losses in 2025?

Third-party service providers became critical attack surfaces last year. Hackers

by compromising Safe{Wallet} through social engineering. They after gaining AWS access through a developer account. Centralized exchanges suffered the largest losses despite decentralized protocols facing more frequent attacks .

Trust Wallet's $8.5 million breach

. Attackers using stolen API credentials to upload malicious code. This from over 2,500 users before detection. Some reports , highlighting incident volatility. Such breaches underscore systemic infrastructure fragility.

What Are the Emerging Attack Vectors Threatening Crypto Security?

North Korean groups like Lazarus

targeting operational gaps. Phishing and social engineering attacks surged while smart contract exploits . These actors to trick employees into signing fraudulent transactions. Recovery rates dropped sharply with only 13% of stolen funds reclaimed .

An ongoing cross-chain exploit

. Hundreds of EVM wallets each, totaling $107,000. Attackers use distributed tactics across blockchains to evade detection. Security investigators despite active thefts continuing. This represents a troubling escalation in stealth attacks.

How Can the Industry Address Rising Supply Chain Risks?

Enhanced third-party risk management has become essential for survival. Firms must implement rigorous software dependency audits and credential rotation

. Multi-signature protocols and cold storage adoption would reduce hot wallet exposure to live threats . Security teams prioritize vendor assessments after incidents showed single vulnerabilities cascading across systems.

Regulatory pressure will likely

starting this year. Operational failures caused most breaches rather than code vulnerabilities last year . Mandatory security certifications could mitigate risks at aggregation points like law firms and cloud providers . The industry must consolidate security gains to prevent further erosion of institutional trust.