In a stark reminder of the vulnerabilities within the cryptocurrency space, total losses from hacks in 2025 have soared to $2.72 billion, eclipsing last year’s figures despite a generally subdued market environment. This year has been marked by a string of significant breaches, with major centralized exchanges and decentralized finance (DeFi) platforms facing unprecedented challenges.
The largest exploit of the year occurred in February when North Korean hackers targeted Bybit, a prominent crypto exchange, resulting in a staggering loss of between $1.4 billion and $1.5 billion. This breach not only set the tone for the year but also highlighted the level of sophistication that cybercriminals have achieved. According to TRM Labs, the tactics employed by these hackers have evolved, becoming more organized and efficient, thus raising concerns about the broader implications for the crypto market.
Coinbase, the largest cryptocurrency exchange in the United States, made headlines in May when it disclosed a data breach that could potentially cost the company up to $400 million in damages. Criminals sent a ransom demand for $20 million in Bitcoin in exchange for stolen customer details. While Coinbase’s customer funds remained secure, sensitive information was compromised after subcontractors were reportedly bribed to provide access to data.
The DeFi sector hasn’t been spared either. Cetus Protocol, a leading decentralized exchange, experienced a major setback in May when attackers exploited vulnerabilities in its smart contracts. The incident saw hackers draining around $223 million in liquidity, although Cetus managed to recover approximately $162 million of the stolen funds within weeks.
Other significant breaches this year included the hack of Nobitex, Iran’s largest crypto exchange, where an Israeli hacker group reportedly stole $90 million. The attackers claimed ties to a geopolitical agenda, leading to discussions about the human impact of such hacks on innocent retail investors.
The UPCX platform also faced major challenges when $70 million was drained through the exploitation of a compromised private key. Similarly, Turkish exchange BtcTurk reported a loss of $50 million following another targeted attack in August. Finally, in November, South Korean exchange Upbit announced a loss of $36 million, with North Korean actors suspected of being behind the breach.
As these incidents unfolded, discussions around the need for enhanced security protocols have intensified, highlighting the ongoing risks facing both centralized and decentralized platforms in the cryptocurrency landscape. With such a significant total loss in 2025, stakeholders in the crypto ecosystem are increasingly pressured to adopt more robust security measures to protect users and restore confidence in digital assets.
