Crypto investors lost over $ 2.1 billion to hacks and exploitation in the first half of 2025, marking the worst six-month period on a record for crypto security and an indication of some nation states that intensified their cyber campaigns in the crypt area.
The 75 registered incidents crossed the previous H1 High from 2022 with approx. 10% and almost matches a total of 2024 in total, said a TRM Lab’s report, published Friday. But raising alarms is who makes a big part of the stole.
Researchers say the North Korean connected groups are responsible for $ 1.6 billion, or 70% of all stolen funds this year.
In the middle of the wave, Bybit Hack is $ 1.5 billion in February, which is now believed to have been performed by North Korea, marking the biggest cryptot theft in history and leaning the average hack size of the year to $ 30 million – or double last year’s levels.
The threat is not limited to pyongyang. On June 18, a group assumed to be linked to Israel, Gonjeshke Darande (predator parrow), stole $ 90 million from Iranian Exchange Nobitex, reportedly in return for the platform’s alleged role in sanctions evasion.
The stolen funds were sent to vanity addresses (which cannot be prepared by design and sent tokens considered burnt), which suggests a political motive over profit.
Attack vectors develop rapidly. Over 80% of stolen funds came from infrastructure level violations, including private key thefts and front-end capsules.
These attacks, often involving social technique or insider access, turn out to be ten times more lucrative than traditional smart contract utilization. Defi vulnerability, including flash loans and reentancy attacks, which were widespread in 2021-22, accounted for a relatively small 12% of the losses.
Read more: North Korean hackers are targeted at top cryptophy companies with malware hidden in job applications
