More than $2.47 billion worth of cryptocurrency has been stolen in hacks and scams so far this year, according to blockchain security firm CertiK – already surpassing all losses recorded in 2024.
CertiK’s mid-year “Hack3d” report identified 344 separate crypto security incidents in the first six months of 2025 alone.
Wallet compromises caused the largest losses, totaling $1.7 billion across just 34 breaches. Phishing attacks followed, with $410 million stolen in 132 incidents.
Ethereum (ETH) was the most targeted network, suffering 175 attacks that drained $1.63 billion in assets. While Q2 losses fell 52% from Q1 to $801 million, the average loss per breach remained high at $7.1 million.
Per the report, the average incident caused about $7 million in losses, with the median being much closer to $89,000.
The single biggest factor driving the surge was February’s Bybit exchange hack, in which Hackers looted the exchange for nearly $1.5 billion worth of Ethereum and Lido Staked Ether (stETH), representing the largest crypto theft ever and possibly the biggest heist in world history.
After accounting for $187 million in recovered or frozen funds, net losses still total about $2.29 billion. CertiK warned that both centralized and decentralized platforms remain vulnerable, with attackers needing to find only one weakness while defenders must protect millions of lines of code.
