
Losses from cryptocurrency hacks and exploits reached $2.47 billion in the first half of 2025, already surpassing the total for all of 2024, as attackers increasingly exploit human error despite stronger blockchain security, according to blockchain security firm CertiK.
A report released Tuesday showed that while the number of incidents fell in the second quarter, losses remained high. More than $800 million was stolen across 144 cases in Q2, down 52% from the prior quarter. The decline followed a record-breaking $1.4 billion hack on Bybit in February, the largest crypto exploit to date.
“Cybersecurity efforts are stronger than ever, but attackers only need to find a single weakness,” said Ronghui Gu, a Columbia University professor and co-founder of CertiK, during a hosted discussion. “It’s an endless war. I’m afraid that next year’s hacks will still be at a billion-dollar level.”
The Bybit exploit, which dwarfed previous high-profile breaches like the 2016 Bitfinex hack and the 2022 Ronin bridge attack, has become a watershed moment for the industry. Analysts say its sheer scale highlights not only the financial risks but also the potential for systemic instability in decentralized finance (DeFi) markets.
As blockchain infrastructure becomes harder to compromise, attackers are focusing on human vulnerabilities such as private key compromises and phishing. Gu noted that about half of all crypto security breaches in 2024 stemmed from operational risks tied to human behavior.
Recent cases illustrate the trend. On Aug. 6, an investor lost $3 million in Tether (USDT) after unknowingly approving a malicious transaction with a single click. On Aug. 3, another victim lost $900,000 more than a year after signing an approval that allowed hackers to drain their wallet.
Phishing scams often trick investors by showing shortened wallet addresses, leading victims to miss subtle character mismatches. Attackers then deploy malicious smart contracts that grant them sweeping control over wallets once approved.
Experts compare this to traditional online banking fraud, where social engineering remains one of the hardest problems to solve despite advanced encryption and authentication. In crypto, the lack of reversibility makes such scams even more devastating, as once funds are drained on-chain, they cannot be recovered.
The surge in losses highlights a mounting challenge for the crypto industry, which has invested heavily in audits and monitoring tools. CertiK, which reviews millions of lines of code daily, says the scale of attacks shows that cybercriminals are evolving alongside security improvements.
CertiK’s report also noted an increase in cross-chain bridge exploits and infrastructure-level attacks, though these accounted for fewer incidents compared to phishing and approval scams. The trend suggests that while “code-level” risks are being reduced through audits, attackers are pivoting to the weakest layer in the stack: human decision-making.
The trend also puts pressure on regulators and exchanges to tighten safeguards, as DeFi remains a prime target for thefts. With phishing and social engineering scams on the rise, analysts warn that end-user education may be just as important as technical defenses in curbing future losses.
In practice, this could mean stricter wallet UI standards, mandatory transaction simulations before approval, and broader consumer awareness campaigns. Exchanges and wallet providers are increasingly expected to play a role similar to banks in protecting clients, but without undermining the decentralized ethos of crypto.
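The approval scams described above (a signed `approve()` that a look-alike spender can exploit long after signing, and shortened addresses hiding character mismatches) and the pre-signing checks suggested here can be illustrated with a small decoder. This is an added example, not code from CertiK or the article; the spender addresses are constructed, and the ERC-20 `approve(address,uint256)` selector `0x095ea7b3` is the standard one.

```python
"""Decode an ERC-20 approve() call and flag what a wallet should warn about
before the user signs. Constructed example for illustration only."""
from typing import Optional

# Standard ERC-20 selector: first 4 bytes of keccak256("approve(address,uint256)")
APPROVE_SELECTOR = bytes.fromhex("095ea7b3")
UINT256_MAX = 2**256 - 1  # "unlimited" allowance commonly requested by drainer contracts

def decode_approve(calldata: bytes) -> Optional[dict]:
    """Return {'spender': '0x...', 'amount': int} for a well-formed approve() call, else None."""
    if len(calldata) != 4 + 32 + 32 or calldata[:4] != APPROVE_SELECTOR:
        return None
    spender_word = calldata[4:36]
    if any(spender_word[:12]):  # ABI left-pads a 20-byte address with 12 zero bytes
        return None
    spender = "0x" + spender_word[12:].hex()
    amount = int.from_bytes(calldata[36:68], "big")
    return {"spender": spender, "amount": amount}

def shorten(address: str) -> str:
    """The abbreviated form many wallet UIs display, e.g. 0x1111...2222."""
    return f"{address[:6]}...{address[-4:]}"

def approval_warnings(calldata: bytes, trusted_spender: str) -> list:
    """Checks a wallet could run before asking the user to sign an approval."""
    decoded = decode_approve(calldata)
    if decoded is None:
        return ["not a well-formed ERC-20 approve() call"]
    warnings = []
    if decoded["amount"] == UINT256_MAX:
        warnings.append("unlimited allowance: spender may move the entire token balance at any time")
    if decoded["spender"].lower() != trusted_spender.lower():
        if shorten(decoded["spender"]) == shorten(trusted_spender):
            warnings.append("spender differs from the expected contract but matches its shortened form")
        else:
            warnings.append("spender differs from the expected contract")
    return warnings

def build_approve(spender: str, amount: int) -> bytes:
    """ABI-encode approve(spender, amount); used here only to construct sample calldata."""
    return APPROVE_SELECTOR + bytes.fromhex(spender[2:]).rjust(32, b"\0") + amount.to_bytes(32, "big")

# Constructed addresses: the look-alike shares the first and last 4 hex characters with the real one.
REAL_SPENDER = "0x1111111111111111111111111111111111112222"
LOOKALIKE = "0x1111aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2222"

if __name__ == "__main__":
    for msg in approval_warnings(build_approve(LOOKALIKE, UINT256_MAX), REAL_SPENDER):
        print("WARNING:", msg)
```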