Cryptocurrency Hacks in 2025: A Record Year of Losses

The cryptocurrency sector has endured a challenging year in 2025, with hackers successfully stealing over $2.7 billion through various notorious exploits. As revealed by new statistics from blockchain intelligence companies Chainalysis and TRM Labs, while the overall number of breaches has seen fluctuations, the magnitude of modern thefts has reached an alarming unprecedented level.

Major Losses from a Single Event

A large fraction of this year’s financial losses can be traced back to one disastrous incident: the $1.5 billion compromise of the Bybit exchange in February. Security experts from Immunefi, a prominent Web3 bug bounty platform, found this to be the largest cryptocurrency heist recorded. This singular event accounted for approximately 69% of the overall funds pilfered from services in the first half of the year.

The Role of the Lazarus Group

According to Steve Schmidt, Chief Security Officer at Amazon, along with various cybersecurity professionals, a key factor behind this increase is the Lazarus Group, a well-known hacking organisation associated with North Korea. Chainalysis indicates that the Democratic People’s Republic of Korea (DPRK) has stolen at least $2.02 billion this year, marking a 51% rise from the previous year. These hackers are increasingly employing advanced social engineering strategies, such as masquerading as recruiters or investors, to deceive corporate leaders into granting system access.

Historical Context of North Korean Theft

North Korean cybercriminals have stolen around $6 billion in cryptocurrency since 2017. It is reported that they utilise the stolen digital assets to finance North Korea’s sanctioned nuclear armament initiative.

Shift in Target from DeFi to CeFi

While Decentralised Finance (DeFi) platforms have traditionally been the primary targets in prior years, 2025 has seen a noticeable shift towards Centralised Finance (CeFi) platforms and cross-chain bridges. Hackers are now capitalising on compromised private keys and errors in smart contracts with increasing effectiveness. Nevertheless, amid these challenges, there is a silver lining: recovery initiatives are becoming more systematic and organised.

Improved Recovery Efforts

Chainalysis has noted that coordinated actions between exchanges and law enforcement have led to the successful freezing of millions in stolen assets soon after they were transferred. For the Indian technology sector, these insights highlight the immediate necessity for robust liveness checks and zero-trust security frameworks to counter the advancing professionalisation of global cybercrime.