Crypto Hack Losses Surpass $2.47 Billion in H1 2025, Already Exceeding 2024 Total: CertiK Report

The first half of 2025 has etched itself into cryptocurrency security history for all the wrong reasons. According to blockchain security firm CertiK, approximately $2.47 billion in digital assets were stolen through scams, hacks, and exploits between January and June 2025 — already surpassing the total losses recorded throughout the entirety of 2024. This staggering figure underscores a sobering reality: as the crypto ecosystem matures and asset values climb, the incentives for malicious actors grow proportionally.

The Exploit Mechanics

The surge in crypto losses during H1 2025 was predominantly driven by two catastrophic security incidents that together accounted for 72% of total losses. The Bybit breach in February 2025 stands as the largest cryptocurrency theft in history, with hackers — widely attributed to North Korea’s Lazarus Group — stealing approximately $1.4 billion in Ethereum-based assets from the Dubai-based exchange. The attack vector involved a sophisticated supply chain compromise that targeted Bybit’s Safe (formerly Gnosis Safe) multisig wallet infrastructure, allowing attackers to redirect transactions without triggering immediate detection.

The second major incident struck in May 2025, when attackers exploited Cetus Protocol — the largest decentralized exchange on the Sui blockchain — making off with approximately $225 million in digital assets. Notably, Sui validators responded with unprecedented coordination, freezing and returning $162 million of the stolen funds through an emergency governance proposal, demonstrating that rapid collective action can mitigate even the most damaging exploits.

Beyond these headline-grabbing events, CertiK documented a total of 344 individual security incidents across H1 2025. The average loss per incident reached $7.18 million, more than double the $3.1 million average recorded in 2024. When excluding frozen or recovered funds, net losses stood at $2.29 billion — already exceeding 2024’s full-year net losses of $1.98 billion.

Affected Systems

Ethereum bore the brunt of attacks in H1 2025, experiencing 175 security incidents resulting in $1.63 billion in losses — heavily influenced by the Bybit breach. However, the threat landscape shifted noticeably between quarters. In Q1, wallet compromise was the dominant attack vector, with $1.7 billion stolen across just 34 incidents, primarily concentrated in three massive breaches including Bybit.

By Q2 2025, phishing had resurged as the most lucrative attack vector, accounting for $395.06 million in losses across 52 incidents. This marked a significant tactical shift, as wallet compromise dropped to the fifth costliest vector in Q2 with only $11.2 million in losses. Bitcoin networks also saw increased targeting in Q2, with $373.6 million lost across nine incidents — suggesting attackers are diversifying beyond Ethereum-centric targets.

The Mitigation Strategy

CertiK co-founder Ronghui Gu emphasized that while the headline figures are alarming, the concentration of losses in two incidents suggests the broader security posture may not be deteriorating as dramatically as raw numbers imply. Without those two events, total H1 losses would have stood at $690 million — a more manageable figure relative to the ecosystem’s growth.

The industry response has been multi-pronged. Multi-signature wallet providers have strengthened their UI verification processes following the Bybit incident. Cross-chain bridge protocols have implemented additional validation layers. The Cetus incident demonstrated that blockchain governance mechanisms can serve as an effective emergency brake when validators act swiftly and cooperatively.

Security professionals recommend a layered defense approach encompassing formal code verification, real-time monitoring systems, comprehensive incident response plans, regular vulnerability assessments, and continuous employee awareness training. As CertiK notes, these measures should be treated as standard operational requirements rather than optional enhancements.

Lessons Learned

The H1 2025 data reveals several critical patterns. First, single points of failure — whether in multisig infrastructure or cross-chain bridges — continue to present outsized risk. Second, the rapid recovery of $162 million in the Cetus incident proves that community-coordinated responses can meaningfully limit attacker success. Third, the resurgence of phishing as the top Q2 vector indicates that social engineering remains the most persistent threat to individual users and organizations alike.

User Action Required

With Bitcoin trading around $105,700 and Ethereum near $2,400 as of July 1, 2025, the total value at risk in the crypto ecosystem continues to grow. Users should verify all transaction details through multiple independent channels before signing, enable hardware wallet authentication for large holdings, and maintain heightened skepticism toward unsolicited communications. The $2.47 billion lost in H1 2025 serves as a stark reminder that security vigilance is not optional — it is the price of participation in decentralized finance.

Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Always conduct your own research before making any financial decisions.