Crypto Hacks Surge 100% in 2025, Highlighting Urgent Security Needs

In February, the Bybit breach set a new record for the largest hack in crypto history, with North Korean cybercriminals stealing over $1.4 billion in a swift and audacious heist. This incident, along with others, has highlighted the vulnerabilities within the crypto ecosystem, particularly in decentralized finance (DeFi) protocols. According to TRM Labs, $2.1 billion worth of crypto has been lost to attacks in the first half of 2025 alone, underscoring the urgent need for enhanced security measures.

Centralized exchanges (CEXs) and DeFi protocols must learn from these incidents to prevent future hacks. For CEXs, significant changes are necessary in how transactions are signed. Relying solely on user interface summaries is no longer sufficient; manual decoding of call data is crucial to ensure funds reach their intended destination. Advanced solutions such as "intelligent co-signers" and multi-party computation can validate transactions and split private keys into multiple shards, enhancing security.

In recent hacks, interfaces were manipulated to deceive executives into authorizing malicious transactions. Over 80% of the crypto stolen this year was taken through infrastructure exploits, which on average yielded 10 times more than other attack types. This pattern indicates a clear and growing threat that CEXs must address.

For DeFi protocols, the first step is to implement robust safeguards that close off attack vectors, making it difficult for hackers to exploit their infrastructure. When hackers attempt to move illicit funds through decentralized platforms, improvements in risk intelligence, transaction monitoring, and wallet screening are essential. These measures can detect malicious activity within seconds, allowing security teams to take swift action.

Bybit CEO Ben Zhou's experience with the February hack illustrates the challenges in freezing stolen funds. The vast amounts of ETH were spread across many wallets in hundreds of transactions, making it difficult to track and recover the funds. This highlights the need for DeFi protocols to enhance their efforts in preventing hackers from exploiting their infrastructure.

A blend of real-time intelligence, human-based intelligence, and advanced risk management dashboards can play a crucial role in detecting and responding to incidents. This layered approach allows for the screening of interactions and transactions against blocked addresses, assigning wallets to monitoring zones, and applying real-time risk scoring for addresses. Suspicious wallets and IP connections can be blocked before funds are lost, empowering security teams to interpret behavioral anomalies and take swift action.

Healthy competition between exchanges and DeFi protocols is beneficial for customers, who deserve choice. However, a hack against one platform must be treated as an attack against the entire industry. Close collaboration is not just good PR; it is an opportunity to form a united front against thieves who jeopardize the industry's future. Every hack dents consumer confidence, and if they continue, regulators may impose restrictions that penalize law-abiding crypto users and developers.

DeFi protocols, by design, are open to all users and do not oversee or manage transactions like centralized alternatives. A non-custodial approach means DeFi developers cannot freeze illicit funds going through their platform. Lawmakers may not fully appreciate how DeFi platforms work, leading to accusations against developers for transactions they were not personally responsible for. Recent crypto hacks serve as a wake-up call for responsible DeFi developers to create sound governance and security models that keep up with technological advancements.

Careful protocol design, layered defense systems, and continual security reviews have the potential to make crypto hacks no longer worthwhile for opportunistic thieves. The more profound truth is that if crypto fails to self-regulate, it could become one of the most compelling counterarguments against the free market itself. Traditional finance operates under a clear set of enforced rules created by regulators, acting as a buffer against systemic risk and crime. DeFi, in contrast, prides itself on eliminating intermediaries and embracing pure market dynamics. Ongoing events show that absolute freedom may not be sustainable without even a thin layer of coordination or safeguards.

Perhaps the ideal is not a 100% free market but an 85% one, where the remaining 15% serves as a programmable rule layer designed to uphold security, prevent abuse, and foster trust. This is not about replicating traditional finance's bureaucracy but implementing automated, transparent, and minimally invasive standards for things like Anti-Money Laundering, fraud detection, and risk attribution. Think of it as protocol-level guardrails: smart, modular layers that allow DeFi to preserve openness while ensuring accountability. These could be community-driven, open-source standards embedded directly into protocols, decentralized applications, and interfaces—a collective effort to reduce systemic threats without compromising decentralization.

DeFi doesn’t need to mimic traditional finance to mature, but freedom without responsibility may invite chaos. The goal is not to restrict innovation but to future-proof it through shared standards, ethical design, and resilience. Yes, it will take time, investment, and experimentation, but in the long run, the dividends will be enormous.