Crypto Hacks Swipe Nearly $3 Billion In 2025 Despite Fewer Attacks – Report

Overview

As 2025 draws to a close, the crypto industry has faced significant security challenges, resulting in nearly $3 billion lost due to hacks. A recent report from blockchain security firm SlowMist highlights a troubling trend: while the number of hacking incidents has decreased, the scale of the attacks has increased dramatically.

Increase in Losses Amid Fewer Attacks

According to SlowMist’s 2025 Blockchain Security & AML Annual Report, the total amount stolen from crypto hacks has risen by 46% compared to the previous year. The report notes that the total losses from security incidents have reached approximately $2.935 billion, a stark increase from the $2.013 billion lost in 2024. This rise in losses is particularly alarming as the number of hacking incidents has dropped significantly; 2025 saw 200 reported hacks, a 51% decrease from the 410 incidents recorded in 2024.

The report indicates that the first half of 2025 was especially devastating, with theft activity surpassing the total losses of the entire previous year. Data from Chainalysis further confirms this trend, revealing a steep rise in hacking activity through June, characterized by both alarming velocity and consistency.

Sector-Specific Vulnerabilities

The decentralized finance (DeFi) sector has emerged as the primary target for hackers, accounting for 63% of all security incidents in 2025. This sector experienced 126 security breaches, resulting in losses totaling around $649 million. This marks a significant decrease from 2024, which had 339 incidents and losses of approximately $1.029 billion. In contrast, centralized exchange platforms reported 22 incidents, leading to losses of $1.809 billion, heavily influenced by a notable hack of Bybit that resulted in $1.46 billion stolen in a single event.

The report also highlights the evolution of hacking tactics. Phishing attacks remain prevalent, but they have become more sophisticated. Malicious actors are now employing a combination of techniques, including permission hijacking, malicious code execution, and supply-chain poisoning. This multi-faceted approach to attacks complicates detection and prevention efforts.

Regulatory Responses

Despite the rise in losses, the report notes a significant increase in regulatory enforcement actions. There has been a marked escalation in interventions by global regulatory and law enforcement agencies in areas such as money laundering, fraud, and illicit financing related to crypto. Notably, 18 incidents this year resulted in the recovery or freezing of lost funds, amounting to $1.95 billion, with approximately $387 million successfully returned or frozen.

SlowMist emphasizes that the future development of the Web3 industry will require more than just technical innovations. Organizations that prioritize stronger internal security measures, transparent fund governance, and comprehensive know-your-transaction (KYT) and anti-money laundering (AML) capabilities will be better positioned for resilience in future market cycles.

From author

The findings presented in SlowMist’s report underscore the evolving landscape of crypto security, where the stakes are higher despite a reduction in the number of incidents. This shift could signal a need for the industry to adapt more robust safety measures and regulatory compliance as the complexity of attacks increases.

Impact on the crypto market

• The increase in crypto theft losses may lead to heightened investor caution and scrutiny of security protocols within the industry.
• The decline in the number of hacking incidents, despite rising losses, suggests a trend towards larger, more impactful attacks, potentially affecting market confidence.
• Regulatory actions may increase, leading to stricter compliance requirements for crypto businesses, which could influence operational costs.
• The emphasis on building stronger internal security controls could prompt innovation in security technologies and practices within the sector.
• The significant losses may drive a wave of consolidation in the industry as smaller firms struggle to recover from security breaches.