July crypto hacks surge 27.2% to $142M as cyberattacks intensify

Generated by AI AgentCoin World
Friday, Aug 1, 2025 3:42 am ET2min read
Aime RobotAime Summary

- Crypto platforms lost $142M in July 2025 from 17 major breaches, a 27.2% increase from June.

- Major attacks included CoinDCX's $44.2M phishing breach and GMX's $42M smart contract exploit.

- Attackers moved stolen funds in seconds, with 70% of assets laundered before breaches were disclosed.

- Only 4.6% of stolen crypto was recovered in H1 2025, highlighting AML system inadequacies.

- PeckShield warns evolving tactics like malware and key compromises outpace platform defenses.

Cryptocurrency platforms suffered a record $142 million in losses from 17 major security breaches in July 2025, according to PeckShield [1]. This marks a 27.2% increase compared to the $111.6 million stolen in June, as the frequency and sophistication of attacks continue to rise [1]. The incidents spanned exchanges, DeFi protocols, and cross-chain systems, underscoring the growing threat of cyberattacks in the digital asset space.

Among the most significant breaches was a $44.2 million attack on CoinDCX, one of India’s largest exchanges, which occurred on July 19 [1]. The breach was initiated through a phishing attempt disguised as a fake job offer sent to an employee, leading to the introduction of malware that enabled the theft of crypto assets [1]. This case exposed critical weaknesses in internal threat detection and employee security awareness, even at a well-established platform.

GMX, a decentralized derivatives protocol, experienced the second-largest loss of the month when attackers exploited a smart contract vulnerability and stole $42 million [1]. Approximately $40.5 million in Ethereum (ETH) and Frax Dollar (FRAX) was later returned, but the event highlighted ongoing concerns about DeFi risk, where the rapid deployment of smart contracts often outpaces rigorous security audits [1].

Other notable victims included BigONE Exchange, which lost $28 million; WOO X, which reported a $12 million loss; and Future Protocol, which lost $4.2 million [1]. Despite the partial recovery from the GMX breach, the total net loss for the month exceeded $100 million [1].

A deeper layer of concern lies in the speed with which attackers move stolen funds. According to a H1 2025 report by Global Ledger, a blockchain AML and forensics firm, attackers are laundering assets faster than ever, with the fastest recorded fund movement occurring in just four seconds [1]. In nearly 70% of cases, funds were already in motion before the breach was publicly disclosed [1]. This delay severely limits the ability of compliance teams and regulators to respond effectively. Despite available blockchain tracking tools, only 4.6% of stolen assets were recovered in the first half of 2025 [1].

PeckShield’s findings highlight a troubling trend: as platforms improve their defenses, attackers are evolving their tactics, exploiting smart contract flaws, malicious approvals, and compromised private keys [1]. Traditional anti-money laundering (AML) practices are becoming insufficient against these high-speed, sophisticated attacks [1]. The report stresses that without faster detection methods and stronger internal security protocols, platforms will struggle to keep pace with increasingly advanced cybercriminals.

The rise in attacks signals a critical juncture for the crypto industry. While on-chain analysis provides some visibility, it must be paired with proactive security measures and rapid response strategies. As the value of digital assets grows, so does the incentive for those seeking to exploit vulnerabilities, making resilience a top priority for all stakeholders involved [1].

Source:

[1] July crypto hacks top $140M among 17 major exploits: PeckShield, https://crypto.news/july-crypto-hacks-140m-17-exploits-peckshield-2025/

Comments



Add a public comment...
No comments

No comments yet