Last month, cryptocurrency hacks totaled $244.1 million, according to a PeckShieldAlert report published on X on May 31, 2025. While this is a nearly 40% decline from April, cybersecurity experts continue to raise alarms.
In the first quarter of 2025, crypto hackers stole around $1.67 billion, according to a report by CertiK, a sum that already surpasses two-thirds of the total losses recorded in all of 2024.
A significant portion of this comes from the Bybit hack, which resulted in approximately $1.45 billion in losses. The incident’s scale highlighted crucial cybersecurity vulnerabilities that need to be addressed.
Experts believe that unless the industry takes these warning signs seriously and implements stronger safeguards, 2025 could be another record year for losses due to hacks and exploits.
Key Takeaways
- Crypto hacks surged to $1.67 billion in the year’s first quarter, already surpassing two-thirds of the total losses recorded in all of 2024.
- As smart contracts become harder to breach, attackers are shifting toward social engineering, phishing, and wallet-draining services.
- The Bybit hack was labeled the “largest breach in Web3 history,” with $1.45 billion lost in Ethereum cold wallet exploits.
- Experts urge platforms to rethink audit strategies, prioritize continuous testing, and implement broader security frameworks that include user protection, infrastructure audits, and post-deployment security updates.
- Due to the rise of phishing scams in the Web3 industry, experts highlighted that security measures must be baked into the user experience and not “bolted on.”
In the first quarter of the year, the cryptocurrency industry saw a significant surge in the value of funds stolen through hacks, scams, and exploits, the Hack3D report by CertiK found.
According to the report published by the blockchain security auditor, one of the biggest concerns this quarter has been the rise in private key compromises, a sub-category of wallet compromises that amounted to over $142 million stolen across 15 incidents.
Additionally, the report highlighted that phishing attacks in the first quarter of 2025 accounted for $15 million, stolen across 81 incidents. While this value is substantially lower than that of wallet compromises, the number of phishing incidents remains higher than that of any other attack vector.
Natalie Newson, senior blockchain investigator at CertiK, told Techopedia that in 2022, crypto stolen due to smart contract exploits reached about $1.3 billion. This figure declined in 2023 and then once again in 2024, while phishing, particularly wallet-drainers-as-a-service, saw an increase from around $70 million in 2022 to over $1 billion by 2024.
Newson said:
“These statistics highlight a clear trend: as smart contracts become more secure, there is a fundamental shift from bug hunting to targeting individual users.”
David Carvalho, the founder and CEO of decentralized post-quantum infrastructure Naoris Protocol, added that most cryptocurrency projects remain vulnerable to single points of failure, “despite touting the virtues of decentralization.”
This means that attackers no longer need to crack code; breaching a single point of failure can be enough to gain access to assets.
Biggest Crypto Hacks: Bybit, Phemex & 0xInfini
So far in 2025, the three biggest crypto hacks have been the Bybit, Phemex, and 0xInfini breaches, with Bybit’s incident being labeled the “largest breach in Web3 history.”
On February 21, 2025, Bybit lost approximately $1.45 billion after attackers exploited a cold Ethereum wallet, dramatically inflating the year’s total losses so far. The hack was linked to the infamous Lazarus Group, a North Korean state-sponsored cyber threat group.
According to Grigore Roșu, Founder and CEO of Pi Squared, the scale of the Bybit hack also exposes crypto’s geopolitical risk surface, highlighting the need for tighter international coordination and infrastructure built with verifiability and auditability at its core.
The Phemex exchange was targeted on January 23, 2025, suffering losses of around $71 million, while 0xInfini was hacked on February 24, 2025, resulting in a $49 million loss.
CertiK’s Hack3D report highlighted that attackers continue to leverage social engineering, artificial intelligence (AI), contract manipulation, and other similar tactics to bypass even the most robust defense systems in the industry.
Why Are Low-Tech Attacks so Effective?
As blockchain infrastructure matures and smart contracts become more secure, hackers are shifting their focus away from high-tech code exploits to more accessible, low-tech attack vectors, as seen in some of the biggest crypto hacks of 2025.
Such low-tech attacks continue to be effective because “users remain the weakest link in decentralized systems, while fragmented UIs and inconsistent security norms are making deception easy for nefarious actors,” Pi Squared’s Roșu explained.
Timothy Bates, a Professor at the University of Michigan and an expert in AI, cybersecurity, blockchain, and XR, added that, unlike blockchain technologies, phishing does not need to evolve.
Bates told Techopedia:
“Deepfakes, spoofed wallet interfaces, and AI-generated trust signals have made low-tech attacks feel high-end. What’s low-tech in execution is now high-impact in consequence.”
The recent Coinbase support center leak was another crypto heist that highlighted how attackers are shifting their focus to targets like customer service portals, third-party vendors, and internal data systems.
CertiK’s Newson said:
“One of the biggest blind spots is the overemphasis on on-chain protection while underestimating the risks posed by off-chain infrastructure. Threat actors are starting to target the human enterprise layers around crypto rather than just the networks themselves.”
This raises a significant question: How can crypto hacking be limited if it no longer involves just flaws in code?
Beyond Audits: Rethinking Crypto Security
Given recent trends in crypto cybersecurity threats, it seems that traditional safeguards such as smart contract audits, while still essential, are no longer enough.
According to CertiK’s Newson, out of a sample of 140 exploited projects in 2025, 83 had no immediately obvious audit.
Newson told Techopedia:
“When considering whether a project has an audit, it is also important to note the audit’s scope, as a project may have multiple contracts in use, but may have only had audits conducted on some of those contracts or made alterations to previously audited code. Though it is possible for an audited contract to be exploited, an audit significantly reduces the risk of exploitation.”
Newson added that platforms should prioritize the protection of user data above all else.
Naoris Protocol’s Carvalho added that the rising cybersecurity threats in the industry can only be mitigated if projects transition to “a truly decentralized cybersecurity model, where breaching one machine provides absolutely no access to anything.”
Professor Bates added that platforms must embed security into the user experience and not simply “bolt it on.” He said:
“Biometrics, behavioral analytics, and cold-wallet micro segmentation should be defaults, not upgrades. Users, on the other hand, need two things: ongoing education and friction that protects (e.g., timed withdrawal confirmations). Security should feel empowering, not punitive.”
The Bottom Line
While the losses due to cryptocurrency hacks declined by about 40% in May 2025, the industry continues to fall victim to the rise of low-tech attacks that include social engineering tactics, phishing scams, and off-chain vulnerabilities that exploit the human layer of decentralized systems.
As attackers grow more sophisticated, leveraging AI, deepfakes, and fragmented user interfaces, traditional safeguards like smart contract audits are proving insufficient on their own.
To keep pace, the industry must reimagine what security looks like in the Web3 space. This means building systems that prioritize not just decentralization, but verifiability, usability, and proactive threat modeling.