EN

Crypto Hacks in 2025: How $2.1 Billion Was Stolen in Just Six Months

The first half of 2025 has already broken a grim record. More than $2.1 billion in crypto was stolen in just six months, surpassing the total from all of 2024. And this time, it wasn’t just about DeFi. Most of the attacks targeted the backbone of the crypto industry — exchanges, infrastructure, and development pipelines.

1. Bybit Hack — $1.5 Billion Gone in Minutes

The biggest incident happened in February when hackers managed to extract 401,000 ETH from Bybit wallets. The breach occurred during a scheduled cold wallet migration — malicious code was injected via an external service provider, and funds disappeared fast. Many believe the infamous Lazarus group from North Korea was behind the attack. This is now considered the largest crypto hack in history.

 

2. BigONE Targeted in Sophisticated Supply-Chain Attack

In July, BigONE became another victim. Attackers compromised a backend server and altered the behavior of a hot wallet, enabling unauthorized withdrawals. Roughly $27 million was drained, including BTC, ETH, SOL, and USDT. The exchange froze operations, promised user refunds, and is still investigating the breach.

 

3. Iran’s Nobitex Lost $90 Million in Coordinated Breach

In June, Nobitex — the largest crypto exchange in Iran — suffered a major attack. Reports suggest $90 million was lost, and there are speculations of state-sponsored involvement. Strangely, a portion of the stolen funds was “burned” as the hackers exited the system, leading to widespread speculation and concern in the region.

 

4. A New Kind of Threat: Infrastructure Over Smart Contracts

So far in 2025, around 75 incidents have been confirmed. Unlike previous years, attackers are focusing less on DeFi code and more on infrastructure — CI/CD pipelines, APIs, databases, and vendor integrations. These hacks are strategic, targeted, and clearly the work of experienced professionals.

 

Why This Trend Is Alarming

  1. It’s not just about smart contracts anymore — attackers are now exploiting backend systems and deployment chains.
  2. State-level actors are getting involved, with hacks often linked to geopolitical tension.
  3. User confidence is at risk — even major exchanges no longer feel safe.
  4. A single exploit can cause ripple effects, including token dumps, blocked withdrawals, and market panic.

 

What Users and Companies Should Do

  1. Don’t leave large amounts of crypto on centralized platforms.
  2. Check if your exchange has a recovery and security fund.
  3. Use hardware wallets for long-term storage.
  4. For crypto businesses — audit your processes, not just your smart contracts. Look at everything from dev tools to API keys.

 

As the crypto industry matures, so do the threats. The hacks of 2025 show that malicious actors are no longer brute-forcing smart contracts — they’re digging deeper. Infrastructure is the new frontline, and those who fail to protect it are learning the hard way.

For maximum efficiency, our website uses cookies. By continuing to use our site, you agree to the Terms of Use, Privacy Policy, and AML/KYC Policy.