Crypto Industry Loses $2.1 Billion in First Half of 2025 Due to Surge in Attacks

The cryptocurrency industry is currently grappling with a surge in large-scale attacks, resulting in the theft of over $2.1 billion in digital assets within the first half of 2025. This figure represents a 50 percent increase in incidents compared to previous years, with 75 separate breaches reported. The majority of these funds were lost through infrastructure-focused breaches, including private key thefts, front-end compromises, and seed phrase leaks, which accounted for more than 80 percent of the stolen amount. These types of attacks were particularly damaging, with social engineering and insider access identified as the leading enablers behind the most destructive intrusions.

North Korea has been linked to a significant portion of these thefts, with $1.6 billion in crypto assets stolen, making the country responsible for nearly 70 percent of the total value stolen this year. The largest breach targeted Bybit, a Dubai-based exchange, resulting in an average hack size of $30 million, double the $15 million average reported in 2024. North Korean operatives continue to use these crypto crimes to bypass international sanctions, making them a major concern for cybersecurity agencies and blockchain platforms.

Geopolitical tensions are also playing a role in the increasing cybercrime targeting crypto networks. An Israeli hacker was identified as the mastermind behind a $100 million attack on Nobitex, an Iranian exchange, in June 2025. This incident highlighted how geopolitical tensions are spilling over into cybercrime, with state actors using crypto as a tool in global conflicts. The breaches reveal deep security gaps within the digital asset ecosystem, with many attacks succeeding by targeting core systems and bypassing front-end protections.

In response to these growing threats, TRM Labs has urged platforms to enhance security measures through the use of cold storage, multi-factor authentication, and continuous internal audits. They also emphasized the importance of detecting insider threats early and training staff to resist social engineering. With global attacks increasing in scale and sophistication, crypto platforms must prioritize infrastructure defense. The rising threat from state actors and advanced hacking groups demands immediate and sustained action to protect users and platforms alike.