A recent security report from CertiK revealed that the cryptocurrency sector suffered losses exceeding $2.2 billion during the first half of 2025, due to increasing security breaches and fraud.
According to the "Hack3d" report for the first half of the year, these losses have already surpassed the total recorded for the entire year of 2024, highlighting the growing security risks in the digital currency space.
Wallet breaches and phishing top the reasons The report recorded 344 blockchain-related hacking incidents between January and June, leading to massive losses, particularly by targeting digital wallets. The losses from wallet breaches alone reached $1.7 billion through just 34 incidents, while phishing attempts resulted in losses of $410 million across 132 attacks, making it one of the most common methods to target cryptocurrency users.
February records the largest incident and "Cetus" exploited via smart contracts February witnessed the largest exploitation in the first half of 2025, when the Bybit platform lost an estimated $1.5 billion in a major breach of a wallet related to ETH deposits.
Additionally, another significant loss was recorded in May when the Cetus protocol was exploited for $225 million due to a flaw in the smart contracts, although $162 million was later recovered by Sui network investigators.
Ethereum tops the targeted chains in attacks The Ethereum network was identified as the primary target of cryptocurrency attacks, with 175 incidents causing losses of $1.6 billion. In May alone, smart contract vulnerabilities led to losses of $229 million, compared to just $5 million in April, indicating a sharp increase in the rate of sophisticated attacks.
Physical attacks involving kidnapping and ransom... with France leading The CertiK report highlighted the increase in physical attacks related to cryptocurrency, with 32 incidents reported involving physical violence, kidnapping, and extortion attempts. France was recorded as the most affected country by this type of incidents, including a kidnapping attempt involving the CEO of the Paymium platform.
Despite the recovery of approximately $187 million through the efforts of white-hat teams and cooperation between cryptocurrency platforms and law enforcement agencies, the complexity and ferocity of the attacks are continuously on the rise.
The report emphasized that the most significant vulnerability in the security system lies in weak private key management, as they are often stored unencrypted or under the control of a single individual, making them easy targets for hackers.
This point is one of the major weaknesses in the cryptocurrency sector and has directly contributed to billions in losses during the first six months of the year.
