More than $2.1 billion worth of cryptocurrency was stolen in the first half of 2025, driven largely by private key exploits and front-end compromises, according to a new report from blockchain intelligence firm TRM Labs.
The report, released Thursday, June 26, revealed that over 80% of the stolen funds this year were drained through infrastructure attacks. These types of attacks, which include hijacking wallet seed phrases or compromising user interfaces of protocols, netted hackers around ten times more on average than other methods.
Protocol exploits, such as flash loan and re-entrancy attacks, were also significant, accounting for roughly 12% of the total losses during the period. These attacks typically target vulnerabilities in a blockchain protocol’s smart contracts or core code to drain funds or disrupt operations.
Losses so far in 2025 have already surpassed the previous record set in 2022 by about 10%, nearly matching total losses from all of 2024. TRM Labs warned that this highlights a growing and increasingly concentrated threat to digital assets.
A major driver of this year’s staggering figures was the $1.5 billion hack of Dubai-based crypto exchange Bybit in February, allegedly carried out by North Korean actors. That single attack accounted for nearly 70% of all crypto thefts in H1 and pushed the average hack size to almost $30 million – double the $15 million average from last year.
The first half of 2025 saw monthly thefts exceed $100 million in January, April, May, and June, reflecting consistent high-scale attack activity.
Another notable incident was carried out by the pro-Israel hacker group Gonjeshke Darande, also known as Predatory Sparrow, which exploited Iran’s largest crypto exchange, Nobitex, for $100 million on June 18. The group is believed to have links to the Israeli government, according to TRM Labs.
The firm called for urgent industry action to bolster basic security measures such as multifactor authentication, cold storage, and frequent audits, alongside improved insider threat detection and social engineering defences.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
