The landscape of cryptocurrency security is increasingly alarming, with record losses documented in the first half of 2025. An astonishing $2.1 billion was lost through various hacks and attacks, spanning across 75 distinct incidents. This figure not only surpasses the previous record set in the first half of 2022 by approximately 10%, but it also approaches the total sum stolen throughout all of 2024.
Staggering Losses in Crypto Theft
As per data from a recent TRM Labs study, cybercriminals successfully pilfered around $2.1 billion from January to June of this year. The thefts were widespread, hitting various platforms multiple times, with significant losses over $100 million occurring in January, April, May, and June. This trend highlights an ongoing threat that is far from being isolated.
The Bybit Incident: A Record-Breaking Breach
In February, a cataclysmic breach at the Dubai-headquartered Bybit exchange accounted for the largest loss of the year, totaling $1.5 billion. This single event constituted nearly 70% of the total losses seen thus far in 2025, resulting in a staggering average hack size of almost $30 million—double the $15 million average recorded in the first half of 2024. Even when excluding the Bybit breach, large-scale thefts of over $100 million continue to pose significant challenges.
State-Backed Actors Fueling Cybercrime
Analysis indicates that groups affiliated with North Korea have been instrumental in approximately $1.6 billion of all stolen crypto to date—amounting to around 70% of the total losses. Experts suggest that these cybercrimes are funding the country’s efforts to evade international sanctions, as well as its weapons programs.
Additionally, on June 18, a $90 million hack at Iran’s largest cryptocurrency exchange, Nobitex, has been attributed to a group known as Predatory Sparrow, allegedly working on behalf of Israel. This attack, notably, involved moving funds to addresses lacking private keys, which raises questions about possible political motivations behind the hack.
Attack Patterns and Strategies for Enhanced Security
Reports indicate that over 80% of stolen funds in the first half of this year were the result of infrastructure-related hacks, including thefts of private keys, insider jobs, and front-end attacks. These types of breaches tend to be magnitudes larger than attacks targeting smart contracts.
Protocol vulnerabilities, such as flash-loan exploits and re-entrancy attacks, accounted for another 12%. Although smart contracts can still be vulnerable, updates and patches are often deployed more swiftly compared to hidden back-door threats or insider breaches.
Experts argue that the surge in state-sponsored cyber theft necessitates robust security reforms. Cold storage solutions should become standard practice, while multi-factor authentication is essential for safeguarding critical accounts. Regular security audits should be routine, complemented by insider-threat programs and social engineering awareness training.
Collaboration among global law enforcement agencies, financial intelligence units, and blockchain forensic organizations like TRM Labs is now more critical than ever. Fast sharing of alerts and seamless tracking of funds across international borders are vital tools in combating these extensive thefts. While a united defensive posture poses challenges, as cryptocurrency increasingly intersects with national security, the urgency for a comprehensive defense strategy becomes apparent.
Image source from Unsplash, statistical chart courtesy of TradingView
