In short
- Total losses from crypto hacks reached $2.72 billion in 2025, surpassing last year’s record despite subdued market conditions.
- February’s Bybit breach was the biggest exploit of the year, with North Korean actors suspected of stealing up to $1.5 billion.
- Major exchanges and DeFi platforms, including Coinbase, Cetus Protocol, Nobitex, UPCX, BtcTurk, and Upbit, reported significant compromises throughout the year.
This year was a record for hacks in the crypto sector, with more than $2.72 billion stolen, according to data from TRM Labs.
Yes, with low crypto prices pushing investors down, 2025 was a particularly bad year for exploits – even after 2024 records broken.
The year started horribly with a $1.5 billion loss in February after North Korean hackers focused centralized exchange Bybit in the most important crypto exploit in history.
That set the tone for the rest of the year, with “even more organized and professionalized” crimes, TRM Labs told Declutter.
“Attacks are faster, better coordinated and much easier to scale than in previous cycles,” said Ari Redbord, TRM’s Global Head of Policy. “2025 also saw the continued expansion of North Korea’s IT employee programs, further contributing to the operational sophistication behind many campaigns.”
Let’s dive in and take a look at the biggest hacks and breaches of 2025.
Bybit: $1.5 billion
The year got off to the worst possible start when hackers…believed from North Korea – targeted crypto exchange Bybit and made off with between $1.4 and $1.5 billion in Ethereum and related tokens.
The exploit shocked the industry not only because of its scale, but also because the funds were supposedly kept in multi-signature cold wallets – the most secure way to safely store digital assets.
Multi-signature wallet provider Safe said the heist stemmed from a compromised developer laptop. An investigation later found that a high-level Safe developer’s workstation was compromised on February 4 when it interacted with a malicious application.
Coinbase: up to $400 million
Coinbase, America’s largest cryptocurrency exchange and one of the most well-known and trusted brands in the space, dropped a bombshell in May when it revealed a data breach.
Criminals had sent the company a letter demanding $20 million worth of Bitcoin in exchange for stolen customer data. Coinbase co-founder and CEO Brian Armstrong then offered the same bounty to help catch the criminals.
The exchange assured people that no funds, passwords or private keys were compromised in the hack. And while customers’ money wasn’t stolen, Coinbase’s foreign subcontractors were bribed to hand over sensitive information. Coinbase said fixing the incident could cost the company as much as $400 million.
Cetus Protocol: $223 million
Despite scammers looking to centralized protocols this year, decentralized financial protocols remained a favorite among hackers, with Sui’s leading decentralized exchange, Cetus Protocol, receiving the largest. gut punch.
In May, attackers exploited vulnerabilities in Cetus Protocol smart contracts, using spoof tokens to manipulate price calculations and drain liquidity resources on the world’s largest decentralized exchange. Sui ecosystem.
In a rare outcome for the DeFi space, Cetus recovered approximately $162 million in funds frozen by the attack, and the protocol went back online 17 days after the exploit.
Nobitex: $90 million
Pro-Israeli hacker group Gonjeshke Darande hit Iran’s largest crypto exchange, Nobitex, withdrew $90 million worth of crypto from its centralized platform in June.
The group claimed that Nobitex had ties to the Islamic Revolutionary Guards Corps.
But the attack was controversial, compliance firm Crystal Intelligence said Declutter at that time, many innocent private investors were likely affected, despite the Israeli group’s claims.
UPCX: $70 million
Another DeFi protocol suffered damage this year after cybercriminals stole $70 million from open source platform UPCX in April.
Hackers took advantage of a compromised private key to steal money in the form of the protocol’s native UPC token, an exploit that barely made headlines despite the large amount of money stolen.
According to CoinGecko, the price of the protocol’s token has since struggled to recover after falling hard following the exploit, from $4 in April to just over $1.20 on December 5.
BtcTurk: $50 million
Hackers again focused The Turkish stock exchange BtcTurk in August, which at the time walked away with $48 million. The attack came after cybercriminals took away $54 million in 2024.
The exchange users told it had suspended withdrawals after blockchain analysts noticed suspicious transactions – mostly in Ethereum.
BtcTurk has said very little since the incident, but two major hacks in such a short period of time have done little to boost confidence among retail investors.
Upbit: $36 million
North Korean actors were again the prime suspects after the South Korean exchange Upbit announced in November that it had lost about $36 million from its Solana hot wallet.
Meme coins were among the stolen assets, and the exchange quickly assured users that the funds were quickly moved to cold wallets following the exploit. The speed of the attack prompted South Korean authorities to point the finger at the state-sponsored hacking organization. Lazarus.
Daily debriefing Newsletter
Start every day with today’s top news stories, plus original articles, a podcast, videos and more.
