In the first quarter of 2025, over $2 billion was lost due to hacks in the cryptocurrency sector.
A recent analysis revealed that approximately $1.63 billion of this amount was a result of access control vulnerabilities. Anmol Jain, the vice president of investigations at a crypto forensics company, noted that the substantially high losses are largely linked to the recent Bybit exchange hack.
This data aligns closely with figures presented by another cybersecurity firm, which reported that crypto hack losses reached $1.6 billion in Q1 2025, excluding scams.
Total losses from crypto hacks in Q1 2025 by category.
Reports from late February indicated that the North Korean hackers responsible for the $1.4 billion breach of Bybit oversee over 11,000 cryptocurrency wallets that are used to launder illicit funds. The escalating involvement of state-sponsored actors from North Korea demonstrates a growing sophistication and scale of these cyber attacks.
This significant breach heavily influenced the quarter’s statistics, especially when considering that the total losses for all of 2024 amounted to $2.25 billion. A key takeaway shared in the analysis was:
“Protecting digital assets requires more than just secure code on the blockchain — every component, from front-end interfaces to internal protocols, should be fortified, as a single vulnerability can jeopardize the entire system.”
No entity is immune
The findings pointed out that recent months have witnessed even the largest centralized and decentralized platforms fall victim to operational errors, access control flaws, and occasionally, social engineering tactics. There were no significant new vulnerabilities reported this quarter, but existing attack methods remained notably effective.
While vulnerabilities in smart contracts still pose risks, the report indicates that the majority of damage is now due to failures within people, processes, or permission systems. Moreover, this marks the third consecutive quarter where multisignature wallet-related hacks have been identified as the leading exploit.
The Bybit hack involved a compromise of the Safe{Wallet} front end. Previous incidents related to multisignature wallets include the hack at Radiant Capital in Q4 2024 and the one at WazirX in Q3 2024.
The dark side of crypto scams
Scamming activities also contributed significantly to financial losses, with reports indicating that phishing scams accounted for $96.37 million and rug pulls totaled around $300 million. Jain pointed out a concerning trend where scam networks are becoming more sophisticated:
“The most alarming trend is the professional evolution of scam operations, where criminals function with startup-like efficiency, employing training programs for scammers, setting internal quotas, and establishing multi-stage laundering schemes utilizing platforms like Huione Pay.”
This revelation follows reports from mid-January indicating that Huione has emerged as one of the largest online illicit marketplaces and has seen a 51% increase in monthly inflows over the past six months, subsequent to the platform’s launch of a USD-pegged stablecoin and services targeting illegal activities.
Jain revealed that a majority of the so-called “pig butchering” scams originate from Southeast Asia, particularly in countries like Cambodia, Myanmar, and Laos, with a presence in Thailand as well. The operatives frequently “employ” trafficking victims from India, Nepal, Vietnam, and the Philippines.
Magazine: China’s ‘point running’ crypto scams, pig butchers kidnap kids: Asia Express