Crypto Sector Loses $142M to Hacks in July 27% Up From June

Generated by AI AgentCoin World
Friday, Aug 1, 2025 1:59 pm ET1min read
Aime RobotAime Summary

- PeckShield reports $142M crypto hacks in July, 27% higher than June, with CoinDCX's $44M breach as the largest incident.

- GMX and BigONE suffered $40M and $27M losses respectively, while WOO X reimbursed $14M after a phishing attack compromised internal systems.

- Experts highlight rising threats to off-chain infrastructure, with attackers exploiting backend systems via social engineering and third-party vulnerabilities.

- A U.S. woman received an 8-year sentence for aiding North Korean operatives to infiltrate crypto firms, generating $17M for Pyongyang through identity fraud.

- Industry vulnerabilities persist as attacks shift from smart contracts to backend infrastructures, demanding stronger access controls and security protocols.

Hackers and scammers extracted over $142 million from the cryptocurrency sector in July, marking a 27% increase from June's $111 million in losses, according to PeckShield, a blockchain security firm. The largest incident was the breach of India-based exchange CoinDCX, which lost $44 million in early July [1]. CoinDCX CEO Sumit Gupta described the attack as a “sophisticated server breach,” and a company employee was arrested in connection with the incident, though details remain unclear [1].

The second-largest attack targeted decentralized exchange GMX, where $40 million was stolen on July 11. However, the funds were later returned by the attacker [1]. Just days before the CoinDCX breach, another exchange, BigONE, lost at least $27 million through a third-party attack that compromised its hot wallet system [1].

WOO X completed the top three incidents, suffering a $14 million loss on July 24 after a phishing attack allowed hackers to access a team member’s device and move into the exchange’s internal systems. According to Rob Behnke, chair of blockchain security firm Halborn, which investigated the incident, the attackers used social engineering techniques to access the dev environment and then moved funds across multiple blockchains, including Bitcoin, Ethereum, BNB, and Arbitrum [1]. The affected accounts on WOO X were later reimbursed using the company’s treasury [1].

Behnke noted a growing trend in cyberattacks targeting off-chain infrastructure—backend systems and processes—rather than vulnerabilities in smart contracts. “Smart contract audits only go so far,” he said. “The backend is increasingly where the real damage happens” [1].

Separately, an Arizona woman was sentenced to over eight years in federal prison after admitting to assisting North Korean operatives in posing as American workers to secure remote jobs at U.S. cryptocurrency and tech firms. Prosecutors said she played a central role in a scheme that generated more than $17 million for North Korea, helping DPRK-linked operatives use stolen identities and fake documents to infiltrate over 300 U.S. companies [1].

These incidents highlight the ongoing vulnerabilities in the crypto industry, particularly in security practices and employee access controls. As attacks shift from on-chain exploits to backend infrastructures, the industry faces a new and evolving threat landscape [1].

Source:

[1] https://coinmarketcap.com/community/articles/688cfd100974d212ab4c0927/

Comments



Add a public comment...
No comments

No comments yet