Crypto investors lost over $2.1 billion to hacks and exploits in the first half of 2025, marking the worst six-month period on record for crypto security and indicating that some nation-states are intensifying their cyber campaigns in the crypto space.
The 75 recorded incidents surpassed the previous H1 high from 2022 by roughly 10% and nearly matched the entire 2024 total, according to a RialCenter report released Friday. Alarmingly, a significant portion of the thefts can be attributed to specific offenders.
Researchers indicate that North Korean-linked groups are responsible for $1.6 billion, or 70% of all stolen funds this year.
The $1.5 billion Bybit hack in February, believed to have been carried out by North Korea, marks the largest crypto theft in history, skewing the year’s average hack size to $30 million—double last year’s levels.
The threat is not confined to Pyongyang. On June 18, a group thought to be linked to Israel, Gonjeshke Darande (Predatory Sparrow), stole $90 million from the Iranian exchange Nobitex, reportedly in retaliation for the platform’s alleged role in sanction evasion.
The stolen funds were sent to vanity addresses (which are un-spendable by design and sent tokens are deemed burnt), suggesting a political motive over profit.
Attack vectors are evolving rapidly. Over 80% of stolen funds stemmed from infrastructure-level breaches, including private key thefts and front-end hijacks.
These attacks, often incorporating social engineering or insider access, are proving to be ten times more lucrative than traditional smart contract exploits. DeFi vulnerabilities, including flash loan and reentrancy attacks, which were common in 2021-22, accounted for a relatively small 12% of the losses.
Read more: North Korean Hackers Are Targeting Top Crypto Firms With Malware Hidden in Job Applications
Leave a Reply