In the first quarter of 2025, cryptocurrency-related hacks surged to an alarming $1.63 billion, a 131% increase from the $706 million stolen during the same period in 2024. According to blockchain security firms PeckShield and Immunefi, this marks one of the most significant increases in crypto theft to date. The majority of these hacks targeted centralized exchanges, with Bybit and Phemex suffering the largest breaches.
Bybit’s $1.46 Billion Loss: A Major Blow to the Crypto Industry
By far the biggest attack occurred on Bybit, one of the leading cryptocurrency exchanges, which lost a staggering $1.46 billion, accounting for 92% of the total stolen funds in Q1 2025. The breach not only set a new record in terms of the amount stolen but also highlighted the vulnerabilities present in centralized exchanges. This attack marks a significant shift in the trend of crypto hacks, as these exchanges have become prime targets, surpassing decentralized finance (DeFi) platforms that previously bore the brunt of such incidents.
Another notable breach took place at Phemex, which lost $69.1 million in a separate attack. These two incidents alone account for a vast majority of the total losses in the quarter, underscoring the growing risks to centralized platforms.
February: The Peak of Crypto Hacks in Q1
February 2025 was the worst month for crypto hacks, with $1.53 billion stolen, primarily due to the Bybit breach. Other significant attacks included a $50 million exploit on Infini, a $9.5 million hack on zkLend, and an $8.5 million breach of Ionic. These incidents point to an increasingly organized effort by hackers to target large platforms, especially those that process high volumes of transactions.
Despite the significant breaches in February, January was relatively calm, with $87 million stolen — a fraction of the losses in the following month. However, the situation dramatically worsened by March.
March: A Drop in Total Losses but Continued Threats
While March saw 20 hacks, the total amount stolen decreased by 97% from February, reaching $33.46 million. The largest breach in March was a $13 million exploit on Abracadabra.Money, where 6,260 ETH was stolen. Another significant attack occurred on March 21, targeting Zoth, a real-world asset restaking protocol, with hackers stealing $8.4 million. The attackers converted the funds into stablecoins, attempting to obscure their tracks.
March also saw an $8.32 million hack on zkLend, continuing the trend of DeFi lending platforms being targeted by attackers. While these breaches were smaller than those in February, they illustrate that the threat to decentralized platforms is far from over.
The Return of Stolen Funds: A Rare Glimpse of Hope
In a rare twist, some stolen funds were returned in Q1 2025. On March 7, a hacker who had stolen $5 million from decentralized exchange 1inch returned 90% of the funds after the platform offered a 10% bounty as an incentive. This suggests that while most hackers are unlikely to return stolen assets, offering bounties could encourage some to do so in the future.
Blockchain Targets: Binance’s BNB Chain Leads
Binance’s BNB Chain was the most targeted blockchain in Q1 2025, with 19 separate hacks recorded. Ethereum followed closely behind with 15 hacks. Analysts believe that hackers are increasingly targeting larger blockchain networks because of their high transaction volume and liquidity, which offer more opportunities for illicit gains. These trends highlight the risks associated with high-profile networks and the need for improved security measures across the crypto ecosystem.
State-Backed Actors Under Suspicion
Security experts have raised concerns that the scale and sophistication of some of these attacks, particularly the breaches involving Bybit and Phemex, could indicate involvement from state-backed actors. While there has been no official confirmation of government involvement, the sheer scale and precision of the hacks suggest that well-resourced groups with advanced hacking capabilities may be behind these attacks. This raises further concerns about the potential for geopolitical motivations behind crypto hacks.
A Growing Concern for Centralized Exchanges
With centralized exchanges now accounting for the vast majority of stolen funds, the pressure is mounting on these platforms to improve their security measures. Traditional security tools and protections have proven inadequate in preventing these large-scale breaches. As the cryptocurrency market continues to evolve, exchanges and platforms will need to invest heavily in advanced security technologies to protect user funds and restore trust within the industry.
The historic losses in Q1 2025 signal a growing threat to the cryptocurrency ecosystem, and as the industry matures, addressing these security vulnerabilities will become a key focus for all stakeholders involved.
Conclusion
The first quarter of 2025 saw crypto hacks soar to unprecedented levels, with centralized exchanges like Bybit and Phemex becoming the primary targets. As the market matures and more funds are at stake, the need for robust security protocols and greater vigilance has never been more critical. The trend of rising cyberattacks underscores the vulnerabilities in the current crypto landscape and the pressing need for comprehensive security solutions to safeguard digital assets from increasingly sophisticated hackers.
Related topics:
