The cryptocurrency sector has seen unprecedented losses due to cyberattacks in the first half of 2025. According to a new report from blockchain intelligence firm TRM Labs, hackers stole over $2.1 billion in just six months — nearly matching the total for all of 2024 and surpassing the first half of 2022 by 10%, which had previously held the record for the worst period in crypto security.
Key Targets: Infrastructure and DeFi Protocols
More than 80% of total losses came from infrastructure breaches. Attackers exploited vulnerabilities such as stolen private keys, leaked seed phrases, and manipulated front-end interfaces. Many incidents involved social engineering tactics or insider involvement. TRM Labs notes that the average loss per infrastructure attack was 10 times higher than in other types of exploits.
An additional 12% of losses were tied to vulnerabilities in DeFi protocols, particularly through flash loan exploits and reentrancy attacks, which remain common in the decentralized finance space.
Largest Incident: $1.5 Billion Bybit Hack
The most significant breach occurred in February 2025, when crypto exchange Bybit was hacked for $1.5 billion. TRM Labs attributes the attack to North Korean hacking groups. This single event pushed the average loss per incident to $30 million, double the figure recorded in 2024.
In total, North Korea-linked cybercriminals were responsible for an estimated $1.6 billion in damages — accounting for 70% of all crypto losses in the first half of the year.
Another notable incident involved the June 2025 hack of Iranian exchange Nobitex. The attack was claimed by pro-Israeli hacker group Gonjeshke Darande, which also published the platform’s source code online.
Recommendations: Strengthening Security Measures
TRM Labs urges crypto projects and exchanges to reassess their security infrastructure. The report highlights several key recommendations:
- Implementing multi-factor authentication (MFA) by default;
- Ensuring secure cold storage for digital assets;
- Establishing strong insider threat detection protocols;
- Enhancing cooperation with international law enforcement;
- Improving industry-wide coordination on cybersecurity.
“The record-breaking thefts in early 2025 are a wake-up call. A collective and strategically coordinated security approach is now essential,” the report emphasizes.
Key Stats
- $2.1 billion lost in six months
- $1.64 billion stolen in Q1 alone (across 40 incidents)
- $244 million lost to hacks in May
- $30 million average loss per attack
