Infosecurity Magazine reports that threat actors have pilfered almost $2.47 billion worth of cryptocurrency in scams and other heists during the first half of 2025, surpassing cryptocurrency losses recorded for the entirety of 2024.
Nearly 75% of the stolen cryptocurrency had been from separate attacks against leading Dubai-based crypto exchange Bybit and decentralized crypto exchange Cetus Protocol, which led to the exfiltration of $1.4 billion and $225 million worth of digital assets, respectively, an analysis from blockchain security firm CertiK showed. Moreover, average losses per incident between January and June were significantly higher than those of the whole of 2024. Additional findings revealed wallet compromise to be the most lucrative attack vector during the first six months of 2025, followed by phishing, which had become the costliest vector by the second quarter. Such a report should prompt improved security across the blockchain sector, according to CertiK co-founder Ronghui Gu. "When it comes to security, a multi-layered approach encompassing robust code audits, formal verification, real-time monitoring, incident response plans, vulnerability assessments, and employee awareness training should be treated as the norm, not the exception," said Gu.
Nearly 75% of the stolen cryptocurrency had been from separate attacks against leading Dubai-based crypto exchange Bybit and decentralized crypto exchange Cetus Protocol, which led to the exfiltration of $1.4 billion and $225 million worth of digital assets, respectively, an analysis from blockchain security firm CertiK showed. Moreover, average losses per incident between January and June were significantly higher than those of the whole of 2024. Additional findings revealed wallet compromise to be the most lucrative attack vector during the first six months of 2025, followed by phishing, which had become the costliest vector by the second quarter. Such a report should prompt improved security across the blockchain sector, according to CertiK co-founder Ronghui Gu. "When it comes to security, a multi-layered approach encompassing robust code audits, formal verification, real-time monitoring, incident response plans, vulnerability assessments, and employee awareness training should be treated as the norm, not the exception," said Gu.
