Crypto under attack: over 2 billion dollars lost in hacks in the first quarter of 2025

The first quarter of 2025 ends with an alarming balance in the crypto world: over 2 billion dollars have been stolen due to security breaches and hacks, largely related to flaws in access control systems. 

An impressive figure, which almost matches the entire amount lost in all of 2024.

From the blockchain to the infrastructure: the hidden vulnerabilities causing the crypto hacks of 2025 

Heavily influencing the numbers of this first quarter was the 1.4 billion dollar attack on the exchange Bybit, identified as the single most serious event of these months.

According to the report compiled by Hacken, a company specializing in cybersecurity in the crypto sector, 1.63 billion dollars of the total losses are attributable to access control exploits, with the attack on Bybit alone accounting for the majority of them.

The vice president of investigations at AMLBot, Anmol Jain, explained that the enormous extent of the losses, in particular, is attributed precisely to this devastating incursion. 

Responsible for the attack would be North Korean hackers, protagonists of increasingly sophisticated and large-scale operations.

The infiltration represented a turning point for the sector, also because it showed how cybercriminals had access to over 11,000 cryptographic wallets, used to conceal and launder the stolen funds. 

A vast network, capable of transforming a single weakness into a billion-dollar damage. A key aspect highlighted by Hacken is that on-chain code security alone is no longer enough. 

The entire ecosystem, including the interfacce utente, the processi interni, and the management tools, must be secured. Just one single flaw in a part of the chain is enough to compromise the entire system.

The report highlighted how, in recent months, large centralized and decentralized platforms have been affected equally. 

No one is truly safe: the breaches have involved operational issues, weaknesses in access controls, and, in many cases, even well-crafted social engineering strategies.

The most unsettling point? There have been no new large-scale exploits. Rather, what is striking is the ongoing effectiveness of already known and widespread techniques, which continue to claim victims due to the lack of prompt countermeasures.

Multisig wallet: recurring weak link

In the crosshairs of the attacks, once again, there have been multisig (multi-signature) wallets. This is the third consecutive quarter in which this type of wallet represents the epicenter of the most severe breach.

In the attack on Bybit, the hackers managed to take control of the front-end of Safe{Wallet}, a crucial component for user authentication and access to funds.

Similar incidents had already occurred in the fourth quarter of 2024 with the hack of Radiant Capital and, shortly before, with the attack on the WazirX platform. In all cases, the poor implementation and management of multisig wallets proved to be the main vulnerability.

The losses caused by hack and cyber attacks are not the only danger for crypto users in 2025. The data from Hacken shows how even scams have generated large-scale damage, with staggering figures.

Specifically:

• – 96.37 million dollars were stolen through phishing, 
• – while 300 million dollars have been burned in rug pull, scams in which the creators of a token suddenly disappear with investors’ funds.

Anmol Jain raises the alarm about another growing phenomenon: the professionalization of scams. 

According to Jain, crypto scam networks now operate in ways similar to startups, equipping themselves with training programs for new fraudsters, internal management systems with objectives and elaborate laundering strategies, even through platforms like Huione Pay.

In particular, a particularly cruel type, known as “pig butchering,” seems to have originated in composti di criminalità informatica located predominantly in Southeast Asia. 

Countries like Cambogia, Myanmar e Laos host these organizations, which sometimes use giovani trafficati illegalmente from India, Nepal, Vietnam, and the Philippines to conduct the frauds.

Urgent change or systemic collapse?

The landscape outlined by Hacken’s data raises serious questions about the reliability of the global crypto infrastructure. 

The mere fact that the damages recorded in just the first quarter of 2025 almost matched the entire 2024, 2.25 billion dollars lost last year against over 2 billion in three months, reveals a concerning structural fragility.

The appeal of the experts is clear: increase the level of protection of digital infrastructures, moving from simple smart code auditing to holistic security that also includes access, user experience, and internal management.

The crypto world looks ahead, but if interventi sistemici are not adopted quickly, the next wave of attacks could have even more explosive consequences.

As Hacken pointed out:  

“All it takes is a single weak point to destroy the entire system.”

In the digital world that aims to build the finance of the future, the time has come to take security as seriously as innovation.