Crypto Security Under Siege: A Look at 2025’s Biggest Digital Heists
Ruth Kamau
The year 2025 has seen an alarming rise in cryptocurrency hacks, with losses growing into the billions. These attacks, ranging from massive exchange breaches to decentralized finance (DeFi) exploits, reflect the increasing sophistication of cybercriminals targeting digital assets. The first quarter alone reported losses exceeding $1.6 billion, marking a 131% increase compared to the same period in 2024.
Q1 2025 Crypto Hack Statistics and Market Impact
According to blockchain security firm PeckShield, crypto hacks in the first quarter of 2025 totaled $1.63 billion. The Bybit exchange breach accounted for $1.46 billion, representing 92% of the total losses during this period.
Source: PeckShield
January losses stood at $87 million, with February witnessing the sharpest spike primarily due to the Bybit exploit. March saw a decline in stolen funds to $33 million, partly offset by the recovery of some assets. The number of hacks in Q1 rose to over 60, an increase over the previous year.
Notably, the decentralized finance sector faced multiple attacks, including a $13 million exploit of Abracadabra.Money and an $8.4 million breach at the real-world asset protocol Zoth. Despite the rising number of incidents, some platforms managed partial fund recoveries, such as 1inch, which reclaimed 90% of stolen assets after offering a bounty.
Bybit: The Largest Crypto Heist in History
On February 21, 2025, Bybit suffered the biggest single digital theft recorded, losing approximately $1.46 billion in Ethereum. The attacker used malware during a routine transfer from an offline cold wallet to a warm wallet, circumventing security controls. Bybit immediately assured customers that their holdings remained safe despite the breach.
Source: Elliptic
Bybit’s CEO, Ben Zhou, committed to reimbursing all affected users, ensuring the platform’s solvency through internal funds and partner loans. The exchange launched a bounty program offering 10% of recovered funds, aiming to retrieve the stolen assets. Investigations by blockchain analytics firm Elliptic linked the hack to North Korea’s Lazarus Group, a state-sponsored cybercriminal organization known for laundering illicit funds to finance military programs.
North Korean Hacker Activity and Global Response
The Lazarus Group’s role in the Bybit hack highlights a broader trend of state-sponsored crypto theft. Since 2017, North Korean-linked hackers have stolen over $6 billion in cryptocurrency. Their operations often involve laundering stolen assets through decentralized exchanges and mixers to obscure transaction trails.
According to a Bloomberg report, authorities plan to address this issue at the upcoming Group of Seven (G7) meeting in Alberta, Canada, in June 2025. Discussions will focus on North Korea’s increasing cybercrime, especially cryptocurrency theft. The U.S. Justice Department confirmed that funds stolen by these hackers finance North Korea’s weapons programs. These attacks illustrate how geopolitical tensions intersect with digital finance security.
Other Hacks in Early 2025: AdsPower, Phemex, and Moby (CCN Report)
January 2025 saw a $4.7 million breach at AdsPower, a company providing anti-detect browser technology. Attackers replaced a legitimate browser plugin with a malicious one, compromising users’ private keys and allowing direct wallet access. Five wallets were compromised before the attack was identified.
Phemex, a cryptocurrency exchange, lost $85 million after a January 23 attack exploiting vulnerabilities in its hot wallet system. The platform suspended withdrawals and launched a security overhaul. The breach is suspected to involve state-linked hackers but remains under investigation.
Moby, a DeFi options platform on Arbitrum, faced a $2.5 million theft in early January due to a leaked private key. Whitehat hackers recovered $1.5 million, reducing net losses. The incident underlined DeFi’s vulnerability to private key exposure and the crucial role of ethical hackers.
April 2025: Phishing Dominates Losses Amid Multiple Breaches
April was a challenging month, with crypto losses totaling over $357 million across 18 major hacks. Phishing attacks accounted for $337 million of these losses, proving to be the dominant threat vector. A high-profile case involved the theft of 3,520 BTC from a U.S.-based victim through social engineering.
Despite these attacks, some platforms successfully recovered stolen funds. Loopscale, a decentralized lending platform, recovered 90% of the $5.8 million lost in its breach two days after offering the hacker a 10% reward. MorphoLabs suffered a $2.6 million exploit, ranking among April’s top incidents. The jump from March’s $28.8 million total highlighted growing attacker activity despite enhanced defenses.
Cetus DEX Exploit: Over $200 Million Drained
In May 2025, the decentralized exchange Cetus on the Sui blockchain lost approximately $223 million in a suspected exploit. Onchain data showed rapid asset drainage and increased transaction volumes exceeding $2.9 billion in a single day, up from $320 million the day before. Cetus froze $162 million of the stolen funds and paused smart contracts to mitigate further losses.
https://x.com/extractor_web3/status/1925533008972423318
Blockchain cybersecurity company Hacken confirmed that at least $63 million was bridged to Ethereum, with a large transfer of 20,000 ETH to a new wallet. The attack compromised all SUI-denominated pools and assets, including tokens like Lombard Staked BTC and AXOLcoin, which suffered severe price drops. Network validators collaborated to ignore transactions from identified attacker addresses pending further actions.
Coinbase Data Breach: Insider Threat and Customer Data Compromised
Coinbase confirmed a significant data breach in May 2025 involving insider collusion with overseas employees. According to a post on X by ZachXBT, the attackers recruited customer service agents to leak sensitive data, including names, addresses, ID images, phone numbers, and masked bank details. Approximately 69,461 user accounts were impacted.
https://x.com/zachxbt/status/1886411891213230114
The breach did not expose login credentials, 2FA codes, private keys, or wallets. Coinbase refused to pay the $20 million ransom demanded and instead offered a reward for information leading to the attackers’ arrest. The company pledged reimbursements for customers deceived by related scams and implemented enhanced safeguards such as stricter withdrawal verifications and identity protections.
Measures and Industry Responses to Rising Crypto Crime
Affected platforms are increasingly combining technical fixes with incentives to recover stolen assets. Offering bounties to hackers who return funds has proven effective in cases like Loopscale and 1inch. Exchanges are strengthening wallet security, adding withdrawal allow-lists, and requiring ID verification for large transactions.
Law enforcement cooperation has intensified, with companies filing breach notifications and sharing data with agencies. Blockchain analytics firms actively track stolen funds through public ledgers to identify laundering pathways. The first half of 2025 has demonstrated the persistent threat landscape facing cryptocurrency platforms.
High-profile breaches at Bybit, Cetus, Coinbase, and others reveal systemic weaknesses that attackers exploit rapidly. While some platforms have successfully recovered funds and implemented stronger defenses, the industry must maintain vigilance. Collaboration among exchanges, security firms, and regulators remains crucial to tracking illicit activity and protecting users.