$2.1b in crypto lost to hacks and exploits during the first half of 2025: TRM Labs

Bad actors managed to siphon roughly $2.1 billion worth of crypto across 75 incidents in the first half of 2025. According to a report by blockchain intelligence firm TRM Labs, the majority of these losses stemmed from infrastructure attacks that targeted the technical backbone of crypto systems. Suck exploits include private key thefts, seed phrase compromises, and front-end hijacks, and accounted for over 80% of all stolen funds. On average, such attacks yielded 10 times more in value than other methods. TRM Labs noted that the largest incident so far this year was the $1.5 billion breach of Dubai-based crypto exchange Bybit in February. Attributed to North Korean hackers , the hack accounted for nearly 70% of the year’s total losses. It significantly skewed the overall figures, pushing the average hack size to $30 million, double the average from the same period in 2024. Other notable attacks included the June 18 exploit of Iran’s largest crypto exchange , Nobitex, by hacker group Gonjeshke Darande, also known as Predatory Sparrow. The hackers stole over $90 million and transferred the funds to unspendable vanity addresses. You might also like: Nobitex Hack pulls curtains on months of suspicious fund movements State-sponsored crypto attacks now account for the bulk of global losses, TRM Labs said, with geopolitical motives increasingly driving illicit activities. “Although North Korea remains the dominant force in this arena, incidents such as reportedly Israel-linked group Gonjeshke Darande hacking Iran’s largest crypto exchange, Nobitex suggest other state actors may increasingly leverage crypto hacks for geopolitical ends,” TRM researchers said. “Such events underscore how digital asset theft is becoming a covert instrument in geopolitical conflicts and national policy.” Beyond hacks, protocol-level exploits accounted for 12% of losses during the period, according to the report. These included flash loans and re-entrancy attacks that targeted vulnerabilities in smart contracts or protocol logic, allowing attackers to manipulate or drain funds from decentralized finance protocols. According to TRM Labs, the $2.1 billion stolen in the first six months of 2025 represents a roughly 10% increase over the previous H1 record set in 2022 and nearly matches the total losses recorded for the entire year of 2024. In response to these threats, TRM Labs urged the industry to adopt stronger security measures such as using multi-factor authentication, storing funds in cold wallets, regularly conducting security audits, and implementing countermeasures against insider threats and social engineering. Crypto hacks have remained a consistent threat to the industry over the years. As previously reported by crypto.news, over $1.63 billion in crypto losses were stolen across more than 60 attacks in the first quarter of 2025, according to reports by Immunefi and PeckShield. Centralized exchanges bore the brunt, accounting for 94% of the total losses, largely due to the Bybit and Phemex incidents, which together made up $1.52 billion of the total. Read more: Hacken bridge exploited for $250k HAI token following private key leak

Source: crypto.news