Global cryptocurrency losses surged to $2.47 billion in the first half of 2025, driven by a wave of high-profile hacks, phishing campaigns, and wallet compromises, according to a new report by blockchain security firm CertiK. This figure has already surpassed the $2.42 billion total losses recorded in all of 2024, signaling renewed concerns about the fragility of crypto infrastructure.
The staggering losses stem largely from two catastrophic incidents: a $1.5 billion Bybit cold wallet breach in February and a $225 million exploit of Cetus Protocol on the Sui blockchain in May. Together, these two events alone accounted for over 72% of the year’s total crypto losses, severely distorting the broader security trend.
In its midyear report, CertiK emphasized that, excluding the Bybit and Cetus breaches, overall crypto losses would have totaled just $690 million. “While the headline figure appears alarming, the reality is that the bulk of losses were concentrated in two isolated events,” said Ronghui Gu, CertiK’s co-founder, offering some reassurance about the state of blockchain security.
Wallet breaches were the most damaging attack method, responsible for $1.7 billion in stolen funds across 34 incidents. These compromises—often involving sophisticated infiltration of key storage systems, highlight the urgent need for stronger crypto wallet security protocols and hardware wallet adoption.
Meanwhile, phishing attacks dominated in volume, with 132 campaigns resulting in $410 million in losses. Using fake domains, deceptive login pages, and social engineering tactics, hackers continue to exploit user behavior as a critical vulnerability across crypto exchanges and DeFi platforms.
Ethereum remains the most targeted blockchain, involved in 164 security incidents that resulted in $1.5 billion in losses during H1 2025. Its central role in decentralized finance (DeFi), smart contracts, and total value locked (TVL) continues to make it an attractive target for cybercriminals seeking large-scale theft.
The Bitcoin network, while more secure by design, wasn’t immune. It recorded 10 incidents and $373 million in losses, reflecting increased interest from attackers despite fewer vulnerabilities compared to Ethereum-based systems.
Encouragingly, the second quarter of 2025 showed marked improvement. Crypto losses fell 52% to $801 million across 144 incidents, compared to the first quarter, suggesting that crypto security practices may be gradually improving across platforms and protocols.
However, phishing remained a persistent threat, with hackers deploying increasingly advanced tactics to deceive users. CertiK urges crypto holders to adopt best practices, including multifactor authentication (MFA), hardware wallet usage, and vigilant avoidance of suspicious links and fake websites.
In a modest bright spot, approximately $187 million in stolen assets were recovered and returned to victims during the first six months of the year. After adjusting for these recovered funds, net crypto losses for H1 2025 stand at around $2.2 billion.
The findings reinforce the urgent need for both users and platforms to enhance their cybersecurity posture. As blockchain adoption continues to grow globally, the crypto ecosystem’s resilience will depend on proactive threat detection, rigorous smart contract audits, and user education in the face of evolving digital threats.
