Crypto Hacks Surge 115% in 2025, Losses Exceed $2.47 Billion

Crypto hacks have reached an alarming level in the first half of 2025, with losses exceeding $2.47 billion. This figure surpasses the total losses recorded for the entire year of 2024, highlighting a significant increase in security breaches within the crypto ecosystem. The report from CertiK indicates that major breaches, particularly those at Bybit and Cetus Protocol, account for a substantial portion of these losses. Bybit's breach in February resulted in the theft of over $1.5 billion in liquid-staked ETH and MegaETH, making it the single largest exploit of the year so far. Cetus Protocol, a decentralized exchange on Sui, lost approximately $225 million due to a smart contract flaw in May. Despite some funds being recovered, the net loss for the first half of the year remains around $2.29 billion.

The report underscores a shifting threat landscape, with wallet compromises and phishing attacks leading the pack. Wallet hacks alone resulted in $1.7 billion in losses across 34 attacks, while phishing scams followed closely, with over $410 million stolen in 132 incidents. The average amount lost per incident stood at over $7.1 million, while the median loss was just under $90,000. The rise in losses due to code vulnerabilities, particularly in May 2025, is also noteworthy. Flawed smart contracts caused $229 million in damages, a significant jump from just $5 million in April. This trend highlights the evolving nature of cyber threats in the crypto space as the tokenization of financial systems accelerates.

While private key breaches have shown signs of decline, phishing and smart contract risks continue to evolve rapidly. The report from CertiK signals increasing security threats, including phishing and wallet breaches. Current patterns resemble past events, indicating the ongoing evolution of exploit techniques. The rise in losses impacts both security and trust in the market, demanding immediate security protocol upgrades. Crypto investors and developers are responding by updating security protocols and focusing on vulnerability patches. Such actions reflect an urgent need for enhanced defense against evolving threats targeting digital assets.

The report urges users to be cautious, double-check URLs, avoid suspicious links, and use hardware wallets for storage. Social engineering attacks remain a serious threat, with a BTC whale falling victim to a phishing scam that resulted in a $330 million loss in April. The attacker used multiple instant exchanges and eventually swapped the funds for the privacy coin Monero. Despite the scale of attacks, the report emphasizes the importance of vigilance and proactive security measures to mitigate future risks. The second half of 2025 may test whether recovery efforts can keep up with the rising tide of exploits. As crypto scams and hacks rise, so do violent crimes targeting private holders. Physical attacks, known as “wrench attacks,” have been reported globally, with nearly a third of these incidents occurring in France. The attacks have grown more brutal, with victims being kidnapped and mutilated in failed ransom attempts. Criminals have also begun targeting families, prompting increased demand for private protection services.