Losses to crypto hacks, exploits and scams spiked to $2.47 billion within the first half of 2025, however the second quarter noticed a decline within the complete variety of hacks, says blockchain safety agency CertiK.
Over $800 million was misplaced throughout 144 incidents in Q2, a 52% lower in worth misplaced compared to the earlier quarter with 59 fewer hacking incidents, CertiK said in a report on Tuesday.
In complete, the primary half of 2025 has seen greater than $2.47 billion in losses due to hacks, scams and exploits, representing a virtually 3% enhance in comparison with the $2.4 billion stolen in 2024.
Nonetheless, contemplating the greater than $187 million returned throughout the 12 months’s first half, CertiK mentioned the adjusted complete is nearer to $2.2 billion.
Bulk of losses from two incidents
Regardless of the spike in losses, CertiK mentioned it doesn’t essentially “recommend a deteriorating safety panorama” as a result of the lion’s share of losses got here from simply two incidents in opposition to crypto trade Bybit and Cetus Protocol price $1.78 billion mixed.
Attackers exploited vulnerabilities in Bybit’s cold wallet infrastructure, siphoning off $1.5 billion in Ether (ETH) on Feb. 21, whereas the Cetus Protocol, the first decentralized trade on the Sui blockchain, suffered a $225 million hack on Might 22.
“With out these occasions, complete losses in 2025 would stand at $690 million, indicating that the broader development will not be as extreme as uncooked figures indicate,” CertiK mentioned.
Phishing assaults surge, Ethereum focused
Phishing currently accounts for the best variety of safety incidents thus far this 12 months, with 132 safety incidents and $410 million stolen.
General, pockets compromises had been the most expensive assault vector within the first half of 2025, with over $1.7 billion stolen throughout 34 incidents, based on the report.
“As phishing campaigns develop more and more misleading, it’s very important for customers to undertake sturdy safety habits: keep away from clicking unknown hyperlinks, double-check area authenticity, allow multifactor authentication, and think about using {hardware} wallets for key storage,” CertiK mentioned.
The Ethereum blockchain was one of many extra widespread targets, accounting for 70 hacks, scams, and exploits in comparison with 98 within the first quarter.
“Ethereum’s dominance in decentralized finance and sensible contract exercise make it a lovely goal, with billions of {dollars} locked in protocols,” CertiK mentioned in its safety report for Q1.
Rigorous safety requirements wanted going ahead
Past safety incidents, CertiK mentioned the primary half of 2025 has been marked by important world regulatory and market developments that can possible “form the trade’s future.”
In the US, President Donald Trump has instigated reforms on the Securities and Trade Fee which have seen the company drop many enforcement actions in opposition to crypto corporations and implement different pro-crypto-related laws.
Associated: Crypto seed phrase, front-end hacks drive record losses in 2025: TRM Labs
In the meantime, Hong Kong’s Legislative Council passed a Stablecoin Invoice, paving the way in which for a regulated framework and the Union’s regulatory framework for crypto, MiCA, got here into pressure on Dec. 30.
“Collectively, these developments sign each rising institutional curiosity and a maturing regulatory setting,” CertiK mentioned.
“As new capital and contributors circulation into the area, sustaining rigorous safety requirements shall be extra vital than ever,” the agency added.
Journal: China threatened by US stablecoins, G7 urged to tackle Lazarus Group: Asia Express
