The global cryptocurrency industry has endured one of its most damaging years in 2025, with hackers stealing more than $2.7 billion through a series of high-profile cyberattacks. New findings from blockchain intelligence firms Chainalysis and TRM Labs show that while the number of individual breaches has varied, the scale and sophistication of attacks have reached unprecedented levels.
A major share of the losses stemmed from a single incident — the $1.5 billion hack of the Bybit exchange in February. Identified by Web3 security platform Immunefi as the largest crypto theft ever recorded, the breach alone accounted for nearly 69% of all funds stolen from crypto services in the first half of the year.
Security experts point to the Lazarus Group, a hacking syndicate linked to North Korea, as a key driver behind the surge. Chainalysis estimates that the Democratic People’s Republic of Korea (DPRK) stole at least $2.02 billion in cryptocurrency in 2025, marking a 51% year-on-year increase. Hackers are increasingly relying on advanced social engineering techniques, impersonating recruiters, investors, or business partners to gain internal system access.
Since 2017, North Korean-linked actors have allegedly siphoned off nearly $6 billion in digital assets, funds that Western intelligence agencies believe are being redirected to support the country’s sanctioned nuclear weapons programme.
Unlike previous years, when decentralised finance (DeFi) platforms were the primary targets, 2025 saw a strategic shift towards centralised exchanges (CeFi) and cross-chain bridges. Attackers have become more adept at exploiting private key compromises and smart contract vulnerabilities, enabling faster and larger-scale thefts.
Despite the grim figures, the industry has seen some progress. Chainalysis noted that improved coordination between crypto exchanges, blockchain analysts, and law enforcement agencies has helped freeze millions of dollars in stolen assets shortly after attacks occurred.
For the Indian tech and fintech ecosystem, the report highlights an urgent need to adopt zero-trust security models, robust identity verification, and advanced liveness detection systems to counter increasingly organised and state-backed cyber threats.
Recent Random Post:
