Advertise
Elena R
Elena R
Author
Elena is an expert in technical analysis and risk management in cryptocurrency market. She has 10+year experience in writing - accordingly she is avid journalists with a passion towards researching new insights coming into crypto erena.
Reviewed by:
Qadir AK
Reviewed
Qadir Ak is the founder of Coinpedia. He has over a decade of experience writing about technology and has been covering the blockchain and cryptocurrency space since 2010. He has also interviewed a few prominent experts within the cryptocurrency space.
- Jun 28, 2025 05:30 UTC
-
Crypto Hacks Surge in 2025: $2.1 Billion Stolen in Just 6 Months
Crypto thefts hit $2.1B in H1 2025, with 80% from infrastructure attacks and North Korea linked to 70% of stolen funds, says TRM Labs.
High-profile hacks like Bybit and Nobitex reveal rising geopolitical cyber threats as TRM urges stronger defenses across the crypto industry.
The crypto industry is facing a security crisis in 2025. In just the first half of the year, hackers have stolen over $2.1 billion across 75 incidents, according to a new report from TRM Labs, marking a 50% increase from previous years.
Crypto Thefts Skyrocket in 2025
TRM Labs highlighted that infrastructure attacksโincluding private key thefts, seed phrase breaches, and front-end hijacksโaccounted for over 80% of the stolen funds. These attacks were often ten times larger than other exploit types and typically enabled by social engineering or insider access.
โThese breaches expose critical weaknesses at the foundation of cryptosecurity,โ said TRM Labs.
North Korea Behind $1.6 Billion in Crypto Hacks
The Democratic Peopleโs Republic of Korea (DPRK) has been linked to a staggering $1.6 billion in stolen crypto this yearโabout 70% of the total. The largest hack was reportedly on Bybit, a Dubai-based exchange, pushing the average hack size to $30 million in 2025, double the $15 million average in 2024.
North Korea continues to exploit crypto markets to evade international sanctions, making it one of the most dangerous state actors in the digital asset space.
Israeli Hacker Linked to $100M Nobitex Breach
In another shocking case, Nobitex, an Iranian exchange, lost $100 million in crypto during a coordinated attack in June 2025. Investigations revealed that the hack was led by Israeli cybercriminal Gonjeshke Darande, highlighting how geopolitical tensions are now directly impacting crypto security.
How Crypto Companies Can Protect Themselves
TRM Labs outlined several key steps to combat these growing threats:
- Cold storage for user funds
- Multi-factor authentication (MFA)
- Regular security audits
- Insider threat detection systems
- Social engineering countermeasures
- Transparent communication with users
With crypto hacks becoming more frequent and severe, platforms must act quickly. From wallet breaches to exchange exploits, the global crypto ecosystem is under pressure. As high-stakes actors like North Korea and Israel-based groups intensify their attacks, implementing robust security frameworks is no longer optionalโitโs essential.
Never Miss a Beat in the Crypto World!
Stay ahead with breaking news, expert analysis, and real-time updates on the latest trends in Bitcoin, altcoins, DeFi, NFTs, and more.
FAQs
North Korea orchestrates large-scale thefts using sophisticated phishing, social engineering (e.g., fake job offers, deepfake Zoom calls), supply chain compromises, and private key thefts. They primarily use stolen funds to evade international sanctions and finance their illicit weapons programs, including nuclear and ballistic missile development.
Hackers are primarily exploiting critical infrastructure weaknesses, including stolen private keys, compromised seed phrases, and front-end hijacks. They also target DeFi smart contracts through vulnerabilities like re-entrancy exploits and flash loan manipulations.
Crypto companies are responding by reinforcing fundamental security measures like multi-factor authentication (MFA), cold storage for funds, regular security audits, and implementing insider threat detection systems. They are also improving social engineering countermeasures and engaging in international collaboration with law enforcement to track and disrupt these networks.
Yes 
No 
