Crypto losses to hacks & scams hit $1.6B in 2025, up 8x YoY: Immunefi
The crypto sector has recorded a surge in security incidents throughout the first half of 2025, with overall losses estimated at $1.6 billion, as shown in the latest report by blockchain security company Immunefi.
The uptick is an 8-fold rise from the same time frame in 2024, during which losses totaled around $200 million.
February 2025 witnessed $1.53 billion lost in nine particular hacking incidents. The amount represents a 20x jump from January’s comparatively lesser losses of $73.9 million and an 18x jump from February 2024, when the losses at $81.6 million were recorded.
The February increase was led mostly by a single $1.46 billion Bybit hack, which contributed 95.5% of the total losses for the month alone. The hack now ranks as one of the largest crypto heists ever.
CeFi platforms most affected
Though decentralized finance (DeFi) platforms have conventionally been the biggest target of crypto hackers, February 2025 witnessed an increase towards centralized finance (CeFi) services. Immunefi, in its report, explains that CeFi held 95.5% of February losses through the hack of Bybit. Meanwhile, DeFi encountered eight individual hacks that amounted to merely 4.5% of the losses of the month.
Apart from Bybit’s $1.46 billion loss, the second largest event was the $49.5 million stablecoin bank Infini hack. zkLend ($9.5 million), Ionic Money ($8.6 million), and Cardex ($400,000) were other high-profile victims, with the last four events yielding relatively small losses ranging from $8,500 to $183,000.
In contrast to DeFi protocols, where code vulnerabilities are the usual attack route, exchange hacks often involve social engineering, private key breaches, or insider threats.
BNB Chain and Ethereum were the most targeted
The Immunefi report shows that the majority of attacks came to BNB Chain and Ethereum. The two networks alone had 72.8% of the cumulative losses in the targeted networks, with four unique attacks each in February 2025.
Outside of the two dominant networks, the report saw three additional chains that all experienced a single attack in February: Abstract, Mode, and Optimism. The multi-chain nature of the attacks poses a difficulty for security experts and protocol teams. Each of the blockchains has its technical architecture, smart contract frameworks, and potential weak points. This requires specialized knowledge and customized security methods.
2025 losses already surpass the entire 2024 total
The volume of funds lost in just the first two months of 2025 has already exceeded the $1.49 billion total for all of 2024. The growth in hack-related losses comes at a time when the industry has been making considerable investments in security infrastructure.
Immunefi itself reports that it offers over $180 million in available bounty rewards and has paid out over $112 million in total bounties to white hat hackers who responsibly disclose vulnerabilities. These efforts have reportedly saved over $25 billion in user funds, yet clearly haven’t prevented all major exploits.
Cryptopolitan Academy: Tired of market swings? Learn how DeFi can help you build steady passive income. Register Now
Recommended Articles
