July Crypto Hacks and Scams Cost $147 Million Amid Security Failures

Generated by AI AgentCoin World
Monday, Aug 4, 2025 5:21 pm ET1min read
Aime RobotAime Summary

- July 2025 crypto hacks and scams caused $147M losses across centralized and decentralized platforms, exposing critical infrastructure vulnerabilities.

- Major breaches included CoinDCX's $44.2M theft, GMX's $42M reentrancy attack, and phishing schemes affecting 9,000 victims averaging $7M per case.

- Centralized exchanges accounted for 61% of losses, with attacks exploiting smart contract flaws, supply chain weaknesses, and social engineering tactics.

- Analysts urge stronger audits, user education on phishing risks, and operational transparency to prevent recurring security failures in the crypto sector.

The crypto industry faced a severe security crisis in July 2025, with an estimated $147 million lost to a series of high-profile hacks and scams across both centralized and decentralized platforms [1]. The attacks exposed widespread vulnerabilities in the infrastructure, underlining the urgent need for stronger security measures and greater transparency within the sector.

According to the SlowMist Blockchain Hacked Incident Database, 13 significant breaches occurred in July, collectively costing around $140 million [1]. Meanwhile, the phishing detection platform Scam Sniffer reported over 9,000 cases of phishing victims, with each case averaging around $7 million in losses [1]. These incidents reveal a dual threat—both sophisticated technical exploits and social engineering tactics targeting users.

One of the most notable breaches occurred on July 19 when India’s CoinDCX suffered a $44.2 million loss from its internal operations wallet [1]. Despite the setback, co-founder Sumit Gupta assured customers that funds in cold storage were unaffected and that the company would bear the full cost of the losses. Similarly, the decentralized exchange GMX fell victim to a reentrancy attack on July 9, losing $42 million due to a flaw in its leverage and price update systems [1]. GMX responded by offering a $5 million bounty to a white hat hacker who identified and helped secure the vulnerability.

Centralized exchanges were also heavily impacted. BigONE experienced a $27 million loss through a supply chain attack, in which attackers exploited server logic to facilitate unauthorized transfers [1]. WOO X halted all withdrawals after a phishing attack on a team member led to $14 million in unauthorized withdrawals [1]. Another incident involved ZKSwap, where a flaw in the cross-chain bridge allowed attackers to steal $5 million by manipulating the emergency withdrawal mechanism [1].

Security analysts attribute much of the damage to smart contract vulnerabilities, with centralized exchanges accounting for 61 percent of total losses [1]. These incidents highlight the risks of complex financial products like leverage and oracles, which, if not thoroughly audited, can create exploitable loopholes. Additionally, phishing schemes have become increasingly sophisticated, often using fake

Zoom
meetings or hardware to trick users into revealing sensitive information.

The cumulative loss of $147 million in July serves as a stark warning to the crypto industry. While some firms have acted swiftly to address breaches and compensate victims, the broader community must recognize the severity of the threat. Analysts emphasize the need for rigorous system audits, enhanced user education on phishing risks, and increased transparency in platform operations. Without these measures, the sector remains vulnerable to repeated exploitation.

Source: [1] July Shockwave: How $147 Million Vanished From Crypto Ecosystem (https://www.livebitcoinnews.com/july-shockwave-how-147-million-vanished-from-crypto-ecosystem/)

Comments



Add a public comment...
No comments

No comments yet