Biggest Crypto Hacks of 2025

2025 was a bruising year for cybersecurity in digital assets, ending with over $3.4 billion in crypto stolen across hundreds of incidents. Independent tallies show over 300 major security incidents for the year. At least $2 million of those thefts was attributed to North Korean hackers, mainly in the Bybit hack case.

Below are the five biggest heists of 2025, including one driven primarily by social engineering.

Bybit: $1.5b (February 2025)

U.S. authorities attributed the largest crypto theft in history to North Korea’s Lazarus Group. Investigators said attackers took control of a cold ETH wallet, then rapidly laundered funds across chains via BTC $88 282 24h volatility: 0.9% Market cap: $1.76 T Vol. 24h: $40.38 B and other currencies. Exchange disclosures and later forensic analysis showed that large portions were routed through THORChain and split across tens of thousands of addresses.

According to a later report by Crystal Intelligence, the attack Bybit faced was a sophisticated operation that compromised its frontend, thereby tricking employees into believing they were signing legitimate transactions. WazirX and Phemex were hacked similarly.

Following the incident, Bybit launched a 10% recovery bounty and engaged blockchain investigators to help freeze the stolen funds. Portions were tracked, though most remain in motion.

Cetus DEX (Sui): $220m (May)

Sui’s largest DEX and liquidity provider, Cetus, was drained $220 million in just 15 minutes. According to Merkle Science, the hackers did not exploit a smart contract vulnerability, which is typical in the industry. Instead, they benefited from a rounding bug in a third-party math library, used for liquidity and pricing calculations.

An attacker abused a rounding/MSB-check flaw to manipulate pool parameters and extract assets. Teams moved quickly to pause contracts and later claimed that around $160 million had been frozen or recovered.

However, more than $60M remained at risk. This was the year’s most significant DeFi exploit and briefly halted trading in the Sui ecosystem.

Balancer: $116m (November)

A breach in Balancer, a popular DeFi protocol, was initially spotted by crypto sleuths on X. An attacker exploited a rounding bug in Balancer V2’s stable pool logic across Ethereum and several L2s and sidechains. Balancer’s disclosure confirms the technical root cause.

The initial estimates placed losses near $120, with the bulk on the Ethereum mainnet. Moreover, a dormant whale withdrew $6,5 million just after the hack. Balancer’s Total Value Locked (TVL) halved from $442 million to $214.5 million in a single day.

However, according to Crystal Intelligence, most of the funds were traced. The wallets are now closely monitored for potential transactions to freeze the stolen funds.

Phemex (CEX): $73m (January)

Phemex, a centralized exchange (CEX) based in Singapore, saw its hot-wallet compromised across 16 chains. Security firms flagged dozens of suspicious outflows from Phemex hot wallets spanning major networks.

This was the first big hack of 2025 that shook the community. Prominent expert on X, ZachXBT, who participated in the Bybit investigation, proved that the Phemex and Bybit attacks were carried out by Lazarus and used similar addresses.

After the incident, the company completely halted deposits and withdrawals, but by February, services were fully resumed with additional security hardening.

Upbit (CEX): over $30m (November)

South Korea’s largest exchange, Upbit, reported a hack in November, with a total impact of 44.5 billion won (around $34 million). Customers were made whole from reserves, while 5.9B ($4 million) in Upbit corporate funds was lost. Just a small portion of $1.77 million got frozen through tracing.

Upbit halted Solana flows, moved funds to cold storage, coordinated freezes with issuers/exchanges, and gradually reopened wallets using new deposit addresses. Even with reimbursement, the incident underscored CeFi’s concentration risk.

2025 Crypto Hacks in Numbers

• Total stolen: $3.3-3.4 billion (range reflects differing methodologies across Chainalysis and Beosin/Footprint).
• Incident count: ~313 major cases (Beosin/Footprint).
• H1 snapshot: around $2.5 billion stolen across over 300 incidents. According to CertiK, this already exceeds the total for 2024.
• Typical attacks: compromised wallets and phishing/social engineering were material drivers.
• Platforms targeted: A few infrastructure-level attacks dominated losses (e.g., Bybit), while overall DeFi incident counts remained much higher, though with more minor losses.

Why Social Engineering Mattered More

In general, security firms noted a shift toward human-factor and supply-chain compromises. Hackers moved from poisoned frontends and multisig UI tricks to executive impersonation and key theft, thus reducing the relative share of pure solidity bugs. 2025’s outlier losses were overwhelmingly due to access-control failures, not to novel on-chain math.

The post Biggest Crypto Hacks of 2025 appeared first on Coinspeaker.