Crypto hacks in 2025 resulted in $3.3 billion stolen, but the number of incidents dropped sharply as attacks shifted to sophisticated supply-chain exploits and phishing scams, according to CertiK data.
-
Supply-chain attacks led losses with $1.45 billion from just two incidents, including the major Bybit hack.
-
Phishing scams ranked second, causing $722 million in damages across 248 cases amid rising threats like pig butchering tactics.
-
Security incidents fell by 162 year-over-year, signaling improved protocol defenses despite a 66% rise in average theft to $5.3 million.
Crypto hacks 2025: Discover how losses hit $3.3B amid fewer but deadlier attacks. Learn key trends in supply-chain exploits and phishing risks—stay secure in evolving threats today.
What Are the Key Trends in Crypto Hacks 2025?
Crypto hacks 2025 saw total losses reach $3.3 billion, a significant figure driven by fewer but more targeted incidents as blockchain security advanced. According to data from blockchain security firm CertiK, the decline in attack numbers reflects stronger protocol protections, forcing hackers toward complex methods like supply-chain breaches and phishing. This shift highlights the crypto space’s maturing defenses against traditional vulnerabilities.
How Have Supply-Chain Attacks Evolved in Crypto Security 2025?
Supply-chain attacks emerged as the dominant threat in crypto security 2025, accounting for $1.45 billion in losses from only two major incidents. The Bybit hack in February alone caused $1.4 billion in damages, underscoring the vulnerability of infrastructure providers. CertiK’s analysis indicates that well-resourced threat actors are increasingly targeting these points, with incidents dropping in volume but rising in sophistication and impact.
Overall security incidents decreased by 162 counts compared to the prior year, a clear sign that foundational blockchain measures are bolstering resilience. However, the average loss per hack climbed 66% to $5.3 million, while the median theft fell 35.75% to $103,966, showing that outliers like supply-chain exploits skew the data. As attackers adapt, experts predict a surge in coordinated efforts against ecosystem infrastructure.
Crypto hacks by amount and incident, yearly chart. Source: CertiK
Soulja Boy token sparks backlash after Base co-founder posts purchase receipt
The evolving landscape of crypto hacks 2025 demonstrates that while code vulnerabilities are waning, attackers are pivoting to higher-stakes operations. Blockchain analytics from firms like CertiK emphasize the need for comprehensive supply-chain audits to mitigate these risks effectively.
Crypto hacks by incident type and amount of losses, one-year chart. Source: CertiK
Solana AI token Ava hit by launch sniping tied to deployer: Bubblemaps
Frequently Asked Questions
What Caused the $3.3 Billion in Crypto Hacks 2025?
In 2025, crypto hacks totaled $3.3 billion in losses, primarily from advanced supply-chain exploits and phishing schemes as basic vulnerabilities declined. CertiK reports highlight two massive incidents driving most damages, with improved security reducing overall attack frequency by over 162 cases year-over-year, focusing threats on high-value targets.
Why Are Pig Butchering Scams Rising in the Crypto Space?
Pig butchering scams, a sophisticated form of phishing, are gaining traction because they exploit emotional trust over time, leading to massive crypto transfers. Victims often face grooming periods from one week to three months, resulting in $722 million lost across 248 incidents in 2025, per Cyvers data, as scammers blend AI tools with prolonged manipulation.
Key Takeaways
- Declining Incidents Signal Progress: Security improvements cut hack counts by 162, but losses concentrated in sophisticated attacks like the Bybit incident.
- Supply-Chain Vulnerabilities Dominate: These breaches caused $1.45 billion in damages, urging infrastructure providers to enhance defenses against coordinated threats.
- Phishing and Scams Persist: With $722 million stolen via tactics like pig butchering, users should verify sources and enable multi-factor authentication for protection.
Conclusion
The trends in crypto hacks 2025 reveal a resilient ecosystem where protocol-level security has curbed simple exploits, yet supply-chain attacks and phishing scams like pig butchering pose escalating dangers, totaling $3.3 billion in losses. As blockchain firms such as CertiK continue to track these shifts, investors must prioritize vigilant practices to safeguard assets. Looking ahead, adopting robust verification and auditing could further fortify the space against emerging threats—act now to stay ahead.
Concerns about code vulnerabilities are fading in the crypto space, but more sophisticated scam tactics are emerging as protocol security improves.
Crypto hackers stole $3.3 billion in 2025, but the number of attacks fell sharply as losses became concentrated in fewer, more sophisticated supply-chain exploits, according to new data from blockchain security firm CertiK shared with Cointelegraph.
While total losses remained elevated, the decline in incident counts and a drop in median theft sizes suggest that protocol-level security is improving, pushing attackers away from simple code vulnerabilities and toward phishing and infrastructure-level attacks.
CertiK said supply-chain breaches emerged as the most damaging threat, accounting for $1.45 billion in losses across just two incidents, including the $1.4 billion Bybit hack in February.
“The Bybit exploit signals that well-capitalized, well-coordinated threat actors are becoming more active across the ecosystem,” the report said, predicting a rise in the “sophistication” of supply chain attacks as attackers target more infrastructure providers.
Pig butchering victim stats, grooming time. Source: Cyvers
Pig butchering scams are a subset of phishing scams that cost the industry a collective $5.5 billion in 2024, across 200,000 individual cases.
Notably, the average grooming period for victims is between one and two weeks in 35% of cases, while 10% of scams involve grooming periods of up to three months, according to blockchain security platform Cyvers.
In June, the US Department of Justice announced the seizure of over $225 million in crypto linked to pig butchering scams.
Magazine: Coinbase hack shows the law probably won’t protect you — Here’s why
