Registration
 
All news
Top Stories
Editors' Picks
Crypto News
Financial News
Market Voices
Billionaires
Companies
Broker News
Regulators News
Eugene Komchuk
Eugene Komchuk

Attacks on exchanges and wallets: Why 2025 became record year for crypto thieves

Attacks on exchanges and wallets: Why 2025 became record year for crypto thieves
What hackers stole in 2025 — and how they did it

​In 2025, the crypto industry faced another surge in criminal activity: from January through December, more than $3.4 billion was stolen, with the February Bybit hack alone netting attackers $1.5 billion. The key change, however, was not just the scale of losses, but the transformation of threats themselves — there were fewer attacks, yet they became far more destructive.

Who is behind the billion-dollar thefts

Analysts at Chainalysis estimate that roughly $3.4 billion in crypto assets was stolen in 2025. Most of these losses stemmed from just a handful of major incidents that shaped the year’s overall picture. This suggests that modern crypto hacks are increasingly rare but catastrophic events rather than a steady stream of mid-sized attacks.

The key threat actor remains North Korea (DPRK), which accounted for around 76% of all crypto service compromises in 2025. North Korean groups stole at least $2 billion, a 51% increase year over year, operating less frequently but with significantly higher efficiency.

DPRK operators have even developed a distinct laundering “style.” Instead of moving large chunks of $1–10 million or more, as many other groups do, they split stolen funds into smaller tranches, with most transfers falling below $500,000. These funds are then routed through cross-chain bridges and mixing services. A critical role is played by Chinese-language services and intermediary networks that act as transaction “guarantors,” helping convert assets while bypassing strict compliance checks. As a result, the money “dissolves” across chains and ultimately ends up with less transparent providers, making fiat off-ramps easier.

The most high-profile hack of 2025

As noted above, the defining feature of the year was not dozens of mid-level attacks, but a few extremely large ones. The most illustrative case was the February attack on Bybit, where roughly $1.5 billion in crypto — primarily ETH — was siphoned from the exchange’s infrastructure. It became one of the largest thefts in the history of the crypto market.

The attack was carried out by the same North Korean hackers. It was not a “blockchain hack” per se, but a compromise of a critical asset-management control point: the attackers gained the ability to legitimately sign withdrawal transactions, effectively bypassing internal controls and turning the transfer into what appeared to be an authorized operation.

Bybit publicly stated that client funds were safe and that the exchange remained solvent, meaning users would not bear the losses. Although the news triggered anxiety and a spike in withdrawals, the platform quickly restored normal operations and stabilized the situation.

Who suffers most from hacks

The year 2025 will be remembered for the changing “geography” of victims: increasingly, it is individual users, not protocols, who are under attack. The number of incidents involving compromised personal wallets rose to 158,000 in a single year, while the number of unique victims at least doubled compared to 2022.

Personal wallets accounted for about 20% of the total value stolen in 2025. These thefts became highly mass-scale — attackers targeted more people while the average loss per victim declined. In practice, this most often takes the form of phishing, fake websites and browser extensions, “customer support” scams in messengers, and malicious transaction-signing schemes — attacks where user mistakes matter more than code vulnerabilities.

Solana stands out in particular: by the number of affected users, it became one of the most prominent targets, with tens of thousands of wallet compromises recorded. The reason is not weaker security, but the scale of retail usage — many active wallets, popular applications, a high share of newcomers, and fast interaction flows where users are more likely to sign transactions on autopilot.

How threats are changing — and what to do about it

Crypto crime reached a new level in 2025. On one hand, the industry faces rare but massive attacks by state-backed actors like the DPRK; on the other, widespread theft from everyday users. Risks are no longer confined to vulnerable protocols or poorly secured services — both large centralized platforms and individual wallets are in the crosshairs.

At the service level, the primary threat remains the compromise of access and asset-management processes: a single successful attack on keys or signers can result in losses of hundreds of millions of dollars. For users, the main risks are phishing and social engineering. As criminals increasingly rely on scale, security depends less on blockchain complexity and more on basic digital hygiene.

Looking ahead to 2026, crypto protection will continue to shift toward prevention: hardware wallets for long-term storage, splitting assets across multiple addresses, avoiding suspicious links and extensions, and carefully reviewing transactions and permissions. For the industry as a whole, this means stronger monitoring, tighter access controls, and faster incident response. The lesson of 2025 is clear: threats are growing, but most of them can be significantly reduced if security is treated not as an abstraction, but as a daily practice.

This material may contain third-party opinions, none of the data and information on this webpage constitutes investment advice according to our Disclaimer. While we adhere to strict Editorial Integrity, this post may contain references to products from our partners.

Editor's Picks for You

How to build wealth from scratch in 3 practical steps
  • By Johnathan Maverick
  • 17 hours ago
How to build wealth from scratch in 3 practical steps
Editors' Picks
Kospi Index crash: Why South Korean market fell alongside AI stocks
  • By Eugene Komchuk
  • 20 hours ago
Kospi Index crash: Why South Korean market fell alongside AI stocks
Editors' Picks
Bitcoin or Ferrari: Which investment is better?
  • By Mira Kyivska
  • Yesterday
Bitcoin or Ferrari: Which investment is better?
Editors' Picks
All Editors' Top Picks

Latest Crypto News

EU crypto rules raise compliance costs, reshaping Web3 competition
  • By Dan Blystone
  • 11 hours ago
EU crypto rules raise compliance costs, reshaping Web3 competition
Crypto News
#Crypto #Cryptoreg
MetaMask launches wallet for AI agents with DeFi access
  • By Olga Shendetskaya
  • 12 hours ago
MetaMask launches wallet for AI agents with DeFi access
Crypto News
#Crypto
Sam Bankman-Fried formally seeks pardon from Trump
  • By Eugene Komchuk
  • 12 hours ago
Sam Bankman-Fried formally seeks pardon from Trump
Crypto News
#Crypto #FTX
All Crypto News
  • Johnathan Maverick
  • 17 hours ago
How to build wealth from scratch in 3 practical steps
  • Eugene Komchuk
  • 20 hours ago
Kospi Index crash: Why South Korean market fell alongside AI stocks
  • Mira Kyivska
  • Yesterday
Bitcoin or Ferrari: Which investment is better?
  • Mira Kyivska
  • 06.06.2026
Strategy sells Bitcoin: Small sale tests market confidence
  • Mikhail Vnuchkov
  • 05.06.2026
Ledger vs. Trezor: Search for ideal crypto wallet
  • Daria Chernytska
  • 8 min ago
Avery Ching: Confidential assets live on Aptos mainnet enable cross-border stablecoin settlement
  • Eugene Komchuk
  • 18 min ago
Bill Gurley: Lock-up agreements require underwriter contract, not just firm assertion
  • Hanna Syniavska
  • 43 min ago
AI IPOs generate post-lockup inflows for bitcoin, Samson Mow notes
  • Jose Antonio Gastelum
  • 1 hour ago
Bitcoin faces doubts from longtime holders, Joe Burnett notes
  • Ashutosh Sureka
  • 1 hour ago
Amit Kukreja: NVIDIA CEO views market selloff as AI investment opportunity
Weekly Top Bonuses
up to $2,500
deposit bonus for all clients
CLAIM BONUS
Your capital is at risk.
Top News
  • Eugene Komchuk
  • 12 hours ago
Sam Bankman-Fried formally seeks pardon from Trump
Sam Bankman-Fried formally seeks pardon from Trump
  • Ivan Andriyenko
  • 15 hours ago
Hayes dumps WLD days after Maelstrom's bullish call
Hayes dumps WLD days after Maelstrom's bullish call
  • Hanna Syniavska
  • 18 hours ago
Powell warns Trump pressure on Fed could threaten markets
Powell warns Trump pressure on Fed could threaten markets
  • Igor Krasulya
  • 19 hours ago
Nvidia bets on South Korea in AI infrastructure race
Nvidia bets on South Korea in AI infrastructure race
  • Olga Shendetskaya
  • 20 hours ago
Oil rises above $97 after new Israel-Iran exchange of strikes
Oil rises above $97 after new Israel-Iran exchange of strikes
Live News
  • Anton Kharitonov
  • Now
Alphabet decline intensifies amid record AI investment
  • Anton Kharitonov
  • Now
Microsoft declines amid AI expectation reset, but fundamentals remain strong
  • Dmytro Kharkov
  • Now
Snowflake tests post-earnings breakout as AI rally faces first challenge
  • Anton Kharitonov
  • Now
Apple under pressure as investor skepticism grows
  • Dmytro Kharkov
  • Now
Nvidia tests key support as Jensen Huang calls AI sell-off a buying opportunity
Who We Are
Business Solutions
For Users
TU News
Popular Sections
Disclosures
CONTACT US
Legal
We are in Social Media
© IAFT Ltd., 2010-2026 All rights to the website are owned by IAFT Ltd.,
Registration number - HE 336186
  • Risk disclosure:

    Information on the TradersUnion.com website is for informational purposes only and does not constitute any motive or suggestion to visitors to invest money. Moreover, we hereby warn you that trading on the Forex and CFD markets is always a high risk. According to the statistics, 75-89% of customers lose the funds invested and only 11-25% of traders earn a profit. Trading in futures and options carries substantial risk of loss and is not suitable for every investor.

    That is why you should only invest money that you are prepared — or can afford — to lose at such high risks. Tradersunion.com does not provide any financial services, including investment or financial advisory services. Also, the Traders Union is not a broker and does not get money for trading in the Forex or CFD markets. Our website only provides information on brokers and the markets and helps its users to select the best brokerage company based on detailed information and objective analysis of brokers.

  • Disclaimer:

    Traders Union (TradersUnion.com) shall not be liable for the consequences of trading decisions made by the Client and for the possible loss of his capital resulting from the use of this website and information published on it.

    Forex market, CFD and cryptocurrency trading involves high risks and is not suitable for everyone. Before investing money, you need to adequately assess the level of your expertise and be aware of the risks, particularly in the context of trading with leverage. The information on this website is not intended for distribution or use by any person in any country or jurisdiction, where such distribution or use would be in violation of the local law or regulation. Any payments by Traders Union (TradersUnion.com) to the users of our website shall be legally interpreted solely as an incentive on our part for the activity on the website in the form of a deduction of a part of the advertising income; they shall not be a subject of any claims of our users or our obligations, a subject of disputes, as well as cannot be considered in relation to the services provided to users by brokers, both in fact and in their completeness and volume. The administration of the website shall not be liable for the content of user comments and reviews about the companies and shall not verify whether the authors of the reviews are indeed real clients of a specific company. All reviews, both negative and positive are published on the website without verification of their reliability; only offensive reviews that call for violence or any kind of discrimination and also reviews published from one group of IP addresses are moderated and removed. The authors of the materials shall be fully liable for the accuracy, completeness and impartiality of any information in the articles and reviews, including in the context of their use or mention of any brand names or trademarks. All mentions of the names of companies and their brands in any materials on the website shall be made in the context of communication of socially important information to the people about their activities by independent journalists, who are the authors. All evaluations and indicators on the website express the subjective opinion of the authors of the reviews (articles) and shall not be viewed as accurate statements and be a subject of disputes and claims against Traders Union.

  • Disclosure of advertisers and revenues:

    All the services on the Tradersunion.com website are free for you to use. Our team spends thousands of hours per annum researching brokers and gathering information about them to help investors all over the world to choose reliable companies and to avoid fraudsters.

    Indeed, the curating, sourcing, and organization of this process requires substantial financial investment by Tradersunion.com, which the website earns in the form of advertising payments. There are two types of advertising services on the website — direct advertising or partner (broker) participation programs. However, no services purchased by our partners shall affect the recommendations on our website, or our opinions, or ratings. Our ratings are based on our objective rating criteria and methodology; and the results are always equally and fairly applied to each broker. The work of our content authors and research groups does not involve any interaction with our advertisers and they do not have access to data concerning the amount of advertising purchased. For over 10 years we consider our independence, absolute openness, and objectivity as our main priority. Please follow the links to each of our affiliated broker’s websites. This will help Tradersunion.com to continue to provide our services to you for free.

onepercentfortheplanet.org World Association of News Publishers https://gdpr.eu/ GDPR