According to blockchain security firm CertiK, cryptocurrency hacks and exploits have resulted in staggering losses of $2.47 billion during the first half of 2025. This figure already surpasses the total amount stolen throughout the entire year of 2024, marking an unprecedented rise in security breaches across both centralized and decentralized platforms.
The primary target has been Ethereum, which suffered 175 attacks accounting for $1.63 billion in losses. The most significant single incident was the February 2025 Bybit hack, which at approximately $1.4 billion is considered potentially the largest crypto exploit in history, dwarfing previous high-profile breaches like the 2016 Bitfinex and 2022 Ronin bridge attacks.
While the number of incidents decreased by 52% in Q2 2025 (144 cases totaling over $800 million) compared to Q1, losses remained alarmingly high. Attack methods have evolved, with $1.7 billion lost to wallet compromises and $410 million to phishing attacks. As blockchain infrastructure becomes harder to compromise technically, attackers are increasingly focusing on human vulnerabilities, with about half of all breaches stemming from operational risks tied to human behavior.
CertiK co-founder Ronghui Gu characterized the situation as "an endless war," noting that "as long as there's a weak point or some vulnerabilities out there, sooner or later they will be discovered by these attackers." He expressed concern that next year's hacks "will still be at a billion-dollar level."
The surge in losses has ignited debates about security protocols and prompted calls for enhanced cybersecurity measures, increased transparency, and potential regulatory tightening. The trend also highlights the growing challenge of addressing human factors in security, with experts emphasizing that end-user education may be as important as technical defenses in curbing future losses.