2025 H1 Crypto Theft Surpasses 2024 Total; $3.01B Stolen as Laundering Speeds Outpace AML Measures

Generated by AI AgentCoin World
Friday, Jul 25, 2025 4:45 pm ET2min read
Aime RobotAime Summary

- Swiss firm Global Ledger reports $3.01B stolen via 119 crypto hacks in H1 2025, surpassing 2024’s total.

- 23% of stolen funds were laundered before breaches were disclosed, with 31.1% cleaned within 24 hours, outpacing AML systems.

- Centralized exchanges (CEXs) accounted for 54.26% of losses, exploited as high-value targets with systemic vulnerabilities.

- U.S. Genius Act enforces stricter AML rules, while Tornado Cash developer faces charges for enabling $1B in laundering.

- Report urges real-time monitoring for CEXs, citing only 4.2% fund recovery in H1 2025 amid rapid DeFi protocol exploits.

A Swiss blockchain analytics firm has uncovered alarming trends in cryptocurrency theft and laundering, revealing that $3.01 billion was stolen across 119 hacks in the first half of 2025—surpassing the total for all of 2024. The report by Global Ledger highlights not just the scale of losses but the unprecedented speed at which stolen funds are laundered, often before victims or regulators are even aware of breaches [1].

According to the analysis, 23% of laundering processes were fully completed before hacks were publicly disclosed, with stolen funds already in motion in 68.1% of cases by the time breaches were recognized. In the swiftest incident, funds were moved within four seconds of an exploit, with laundering finalized in under three minutes. Overall, 31.1% of laundering was completed within 24 hours, while public disclosures averaged 37 hours. This 20-hour head start for attackers—often leaving compliance teams with just 10–15 minutes to act—has rendered traditional anti-money laundering (AML) systems increasingly ineffective [1].

Centralized exchanges (CEXs) emerged as the primary target, accounting for 54.26% of total losses in 2025. The report attributes this to CEXs serving as high-value, centralized points of failure, outpacing risks from token contract exploits (17.2%) and personal wallet breaches (11.67%). A further 15.1% of laundered funds passed through CEXs, underscoring their role as critical nodes in the laundering chain [1].

The speed of laundering has forced regulators and compliance teams to confront systemic weaknesses. A $44.2 million breach at India’s CoinDCX on July 19 exemplified this, as attackers bypassed user wallets to exploit internal systems, highlighting vulnerabilities in CEX infrastructure [2]. Meanwhile, a broader $3.1 billion in losses reported by Hacken’s 2025 Half-Year Web3 Security Report attributed 61.4% of damages to

Ethereum
, with BNB Chain and Arbitrum accounting for 20.2% and 11.4%, respectively. Access control failures dominated these losses, while AI-driven exploits surged by 1,025% year-on-year [3].

Regulatory responses are intensifying. The Genius Act, signed by U.S. President Donald Trump on July 18, imposes stricter AML requirements and faster response timelines on exchanges and virtual asset service providers (VASPs). Concurrently, the trial of Tornado Cash developer Roman Storm underscores shifting expectations for accountability. Prosecutors argue that developers must implement controls to prevent illicit use, even in decentralized systems, with Storm facing charges of conspiring to facilitate $1 billion in money laundering, including funds linked to North Korea’s Lazarus Group [1].

The report recommends real-time, automated monitoring systems for CEXs to counteract the speed of laundering. Current ticket-based compliance processes, it notes, are inadequate against attackers who often have 15 hours to move funds before any public alert. Only 4.2% of stolen funds were recovered in the first half of 2025, underscoring the urgency for systemic upgrades [1].

As blockchain adoption expands into enterprise applications, the report warns that rapid technological innovation is outpacing security frameworks, particularly in DeFi protocols, which accounted for 69% of first-half incidents. Co-Founder Yevheniia Broshevan described 2025 as a “wake-up call,” urging protocols to integrate cybersecurity as a core business function [3].

Source:

[1] Cointelegraph, [https://cointelegraph.com/news/real-time-crypto-laundering-cex-vulnerabilities-report]

[2] CCN.com, [https://www.ccn.com/education/crypto/coindcx-hack-44m-india-crypto-security-crisis-explained/]

[3] Cryptonews, [https://www.coindesk.com/hacken-2025-half-year-web3-security-report]