Crypto hacks hit $3.1 billion by mid-2025

The Bybit hack in Q1 accounted for nearly half of all crypto losses this year, exposing serious gaps in access security.

Crypto losses have surpassed $3.1 billion in 2025, with access control failures accounting for nearly 60% of the damage.

Cyberattacks and scams have already cost the crypto sector more than $3.1 billion in 2025, marking one of the most damaging years. Hacken’s mid-year report reveals that access control failures and social engineering tactics remain the primary culprits.

The most significant single incident occurred in Q1, when Bybit suffered a $1.5 billion breach, accounting for 83% of all Q1 losses. Access control weaknesses were responsible for around $1.83 billion, or 59% of funds lost across both DeFi and CeFi platforms.

Decentralised finance projects were hit particularly hard, with $300 million drained in Q2 alone. Smart contract vulnerabilities contributed to $263 million in losses, including a $223 million hit in the Cetus exploit.

Meanwhile, phishing scams reached new heights, with one incident in April involving a $330 million Bitcoin theft.

Q2 had fewer access breaches than Q1, but single leaks caused rapid, large-scale losses. Hacken’s report concludes that improved cybersecurity is essential for building trust and protecting innovation in the growing blockchain space.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot