Front-end and private key exploits drove over $2 billion in crypto thefts during H1 2025: report
Quick Take Infrastructure breaches — private-key thefts, seed-phrase heists, and front-end hijacks — drove 80% of the $2.1 billion stolen in H1 2025, TRM Labs says. The security startup called for improvements in information sharing among industry players and better onchain systems to combat the growing threat.
Hackers looted $2.1 billion from the cryptocurrency sector in the first half of 2025, and more than 80% of that haul stemmed from infrastructure attacks, blockchain intelligence firm TRM Labs said in a Thursday report .
Private-key thefts, seed-phrase exploits, and front-end hijacks—often enabled by social-engineering or compromised insider access—averaged ten times the size of other exploits, according to TRM. DeFi flaws also remained a problem. Flash loans and re-entrancy exploits on smart contracts accounted for another 12 percent of losses, a sign of prevalent vulnerabilities in onchain protocols.
The six-month tally already rivals all of 2024 and tops the previous H1 record from 2022 by about 10 percent. Notably, one large incident skewed the numbers; February’s $1.5 billion Bybit hack, which TRM attributes to North Korea. That single strike pushed the average hack size to $30 million, double last year’s pace.
TRM estimates North Korea-linked groups stole $1.6 billion, or 70 percent of H1 totals, as the regime leans on crypto theft to fund weapons programs. The report also cites a June breach at Iran’s Nobitex exchange —carried out by the Israel-aligned hacker group Gonjeshke Darande—that resulted in $90 million being sent to “unspendable” wallets during a period of heightened geopolitical tension in the Middle East.
To address the security issues plaguing the crypto industry, TRM urged protocols and services to enhance multi-factor authentication and improve cold storage. The firm also proposed tighter insider-threat defenses while law enforcement agencies boost cross-border coordination.
Crypto also needs better industry-wide teamwork to sustain anti-theft efforts, TRM added. “The path forward requires multifaceted collaboration,” the report said. “H1 2025’s record thefts are a stark call to action for a collective, sustained, and strategically aligned security posture — one prepared not just for crime, but for covert acts of statecraft. Proactive information sharing and coordinated international approaches to prosecuting state-sponsored cybercriminals are paramount for effective deterrence.”
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Crypto Market Gains $250B in 24 Hours
Ethena Labs Expands Collateral for USDe Adding BNB, XRP
Crypto Investor Loses $1M in Ethereum Scam Exploit
Ethereum Surpasses 2021 Peak Following Major Market Rally
Trending news
MoreCrypto prices
More
