Crypto Industry Loses $2.1 Billion in First Half 2025 Due to Record Breaches

In the first half of 2025, the cryptocurrency industry experienced a significant surge in security breaches, resulting in a total loss of $2.1 billion. This period was marked by 75 reported hacks, making it the worst six-month stretch for crypto security on record. The most notable incident was the $1.5 billion attack on Bybit, a Dubai-based exchange, which accounted for nearly 70% of the total losses. This single event not only set a new record for the largest crypto hack but also doubled the average hack size to $30 million compared to the first half of 2024.

The trend of escalating crypto thefts is not isolated to this one event. Each month, except for March, saw losses exceeding $100 million, indicating a sustained and broad threat to the crypto sector. The Bybit hack, attributed to North Korean hackers, highlighted the growing role of state-sponsored actors in crypto theft. North Korea is assessed to be behind $1.6 billion of the $2.1 billion total, making it the most prolific nation-state adversary in the crypto space. These stolen funds are believed to support sanctions evasion and strategic programs, including nuclear weapons development, underscoring the geopolitical implications of crypto theft.

The landscape of crypto theft is evolving. On June 18, an Israel-linked cyber group allegedly breached Iran’s largest exchange, Nobitex, stealing over $90 million. Unlike traditional heists, the stolen assets were transferred to unspendable “vanity” addresses, suggesting symbolic or political motives rather than financial gain. This incident underscores the broader geopolitical tensions playing out in the crypto world.

Infrastructure-level breaches dominated the threat landscape, accounting for more than 80% of the funds stolen. These attacks, which include private key thefts, front-end exploits, and compromised access points, are typically high-impact and often aided by social engineering or insider access. Protocol exploits, such as flash loan and reentrancy attacks, made up 12% of losses, highlighting persistent vulnerabilities in decentralized finance (DeFi) smart contracts.

The escalating scale and sophistication of these attacks, particularly those involving nation-state actors, have raised the stakes for crypto cybersecurity. Traditional defenses are no longer sufficient, and experts are calling for robust, multi-layered protections, including multi-factor authentication (MFA), cold storage, and continuous audits. Additionally, there is a growing need for insider threat detection and countermeasures against social engineering. Global collaboration between law enforcement, financial intelligence units, and firms specializing in crypto security is also crucial.

As crypto increasingly intersects with national security, the first half of 2025 serves as a clear warning: digital assets are now targets in geopolitical conflicts, and defending them requires a unified, global response. The crypto industry must adapt to this new reality, implementing stronger security measures and fostering international cooperation to safeguard against future threats.