In the first half of 2025, the cryptocurrency sector faced unprecedented losses due to hacks, scams, and security breaches totaling nearly $2.5 billion across 344 incidents, according to CertiK's Hack3d report. This amount has already surpassed the total losses recorded for the entire year of 2024.
The largest share of these losses came from compromised wallets, accounting for over $1.7 billion in just 34 incidents. Phishing attacks were the next most damaging, responsible for more than $410 million in 132 cases. Code vulnerabilities contributed losses exceeding $283 million across 114 incidents. While less frequent, exit scams and price manipulation caused nearly $20 million in damages, and access control exploits accounted for $42 million.
Two major incidents dramatically skewed the figures: the Bybit exchange hack in Q1, which involved the theft of over $1.5 billion in liquid-staked ETH and MegaETH, and the Cetus Protocol exploit in Q2, which resulted in about $225 million lost due to a smart contract flaw. Excluding these two incidents, losses would amount to about $690 million, aligning more closely with previous years’ figures.
Ethereum remained the most targeted blockchain with losses over $1.58 billion across 164 incidents, followed by Bitcoin with more than $373 million lost across 10 incidents. A notable phishing scam in April led to a $330 million Bitcoin theft, with the attacker converting the funds into the privacy coin Monero (XMR), which triggered a price rally for XMR.
Despite the high volume of attacks, some recovery occurred, with $187 million recovered through law enforcement, whitehat interventions, and exchange cooperation, resulting in net losses of approximately $2.29 billion.
The report highlights a worrying rise in physical 'wrench attacks' — violent crimes targeting private holders — with 32 incidents reported globally this year, potentially surpassing records from 2021. These crimes have become more brutal, involving kidnappings and threats to family members of crypto investors.
CertiK emphasized the evolving nature of threats, particularly sophisticated phishing scams and smart contract vulnerabilities, urging users to exercise caution by verifying URLs, avoiding suspicious links, and using hardware wallets for storage.