The crypto industry lost over $2.2 billion in the first half of 2025 due to hacks, scams, and security breaches, surpassing the total losses of 2024, according to CertiK’s H1 2025 “Hack3d” Web3 Security Report.
CertiK recorded 344 on-chain incidents between January and June. Wallet breaches accounted for $1.7 billion in just 34 cases, while phishing scams caused $410 million across 132 incidents.
The largest exploit occurred in February when Bybit lost $1.5 billion in a wallet breach involving staked ETH. In May, Cetus Protocol was exploited for $225 million via a smart contract bug, although $162 million was later recovered by Sui validators.
Ethereum was the most attacked blockchain, with 175 incidents leading to $1.6 billion in losses. Smart contract vulnerabilities alone caused $229 million in May, up sharply from just $5 million in April.
CertiK also flagged an increase in physical attacks, with 32 cases involving violence, kidnappings, and ransom attempts. France saw the most incidents, including an attempted kidnapping involving the family of Paymium’s CEO.
Approximately $187 million was recovered through whitehat efforts, law enforcement, and exchange cooperation. However, with attacks becoming more complex and violent, stronger security practices are urgently needed.
A key vulnerability remains poor private key management. Keys are often stored insecurely, unencrypted, or controlled by one person, making them easy targets for hackers. This single point of failure has contributed to billions in losses and remains one of the crypto industry’s biggest risks.
Major 2025 hacks include $400M from Coinbase, $220M from Cetus, and millions more from BSC, Phemex, and UPCX exploits.
Avoid unverified contracts, never share keys, and regularly review approvals to secure your wallet from phishing.
Beware of unsolicited emails, messages, or social media offers promising unrealistic returns or free crypto. Always double-check URLs for misspellings, verify sender domains, and never click suspicious links. Legitimate platforms will never ask for your private keys or seed phrases.
CoinPedia has been delivering accurate and timely cryptocurrency and blockchain updates since 2017. All content is created by our expert panel of analysts and journalists, following strict Editorial Guidelines based on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness). Every article is fact-checked against reputable sources to ensure accuracy, transparency, and reliability. Our review policy guarantees unbiased evaluations when recommending exchanges, platforms, or tools. We strive to provide timely updates about everything crypto & blockchain, right from startups to industry majors.
All opinions and insights shared represent the author's own views on current market conditions. Please do your own research before making investment decisions. Neither the writer nor the publication assumes responsibility for your financial choices.
Sponsored content and affiliate links may appear on our site. Advertisements are marked clearly, and our editorial content remains entirely independent from our ad partners.
Big investors who sold Cardano (ADA) before its 70% plunge from all-time highs have turned…
Pepe and Dogecoin are two of the most iconic names in the meme coin world.…
Global cryptocurrency exchange platform Zoomex today announced that Argentine football star Emiliano Martínez has officially…
Global asset manager VanEck has taken a pioneering step by filing an S-1 registration statement…
In a market where innovation and speed define success, a new crypto coin is stepping…
The rebrand from Zekret Protocol follows a $1M pre-seed round backing Entry’s push to combine…
