Spanish
The year 2025 was marked by record losses in attacks and fraud in the cryptocurrency universe. In the first half of the year alone, thefts already totaled $2.17 billion, surpassing the total value recorded in 2024, according to Chainalysis. Projections indicate that 2025 could end with more than $4 billion in diverted assets, an all-time high.
ESET, a leading company in proactive threat detection, reviews some of the main cases that occurred in 2025 and how seemingly simple vulnerabilities resulted in millionaire robberies that shook the cryptocurrency market. This scenario of vulnerability contrasts with the growing institutionalization of the sector where cryptocurrency ETFs registered record inflows of $5.95 billion and corporate investors such as Strategy (formerly MicroStrategy) announced new Bitcoin purchases, the market exposed its security weaknesses.
“The BBC pointed out that the $1.5 billion attack on the Bybit exchange, attributed to hackers linked to North Korea, was the largest in history, thus symbolizing this contradiction: even with regulatory and technical advances, known flaws continue to be exploited,” comments Camilo Gutiérrez Amaya, Head of the Research Laboratory at ESET Latin America.
You can also read: Karl-Anthony Towns surprises with finding of Yamamoto "1-of-1" card sold for US$72,000
The year 2025 is consolidating as a period of historic losses for the cryptoasset market. According to CertiK, the industry lost almost $2.5 billion to attacks and scams in the first six months of the year alone. Chainalysis, on the other hand, noted that the volume of stolen cryptoassets in the same period exceeded the $2.17 billion mark recorded throughout 2024. At this rate, according to ESET, losses could exceed $4 billion by the end of the year, making 2025 the year with the most assets diverted in the history of cryptocurrencies. ESET analyzes the most significant incidents of the year, illustrating how vulnerabilities of different nature can result in multimillion-dollar losses: 1. Attacks on exchanges and centralized platforms (CEX): Among the most emblematic episodes is the attack on Bybit, which resulted in the theft of approximately 1.5 billion dollars in Ethereum, the largest ever recorded in the history of cryptocurrencies.In this case, the attackers did not directly violate the exchange's servers, but rather compromised an external provider of the platform, changing the wallet address where the funds were transferred. ByBit thought it was transferring the funds to its own digital wallet, but sent it all to the hackers. The sophistication of the operation revealed how trust chains and external integrations can become entry points for highly specialized criminals.
ESET - Press Release- Exploits in DeFi protocols: The attack on Balancer, which caused losses of over 100 million dollars, highlighted one of the recurring weaknesses in the DeFi space: errors in the code. A bug in the smart contract allowed unauthorized withdrawals, exposing how small logical flaws can be exploited to compromise an entire protocol. The impact extended to derivative projects, such as Beets Finance, which also reported million-dollar losses. These incidents reinforce the importance of continuous and independent audits, a challenge for protocols that prioritize innovation and speed of launch.
- Phishing scams: While large platforms suffered coordinated attacks, individual users remained the preferred targets. Phishing scams, in which victims are tricked into voluntarily giving up their credentials, generated 410 million dollars in losses, according to Certik. It is estimated that attacks targeting individuals accounted for 23.35% of all funds stolen in the period, a sign that social engineering remains as efficient as technical intrusions.
- Historical attacks and bridge vulnerabilities: Although no major incidents related to bridges occurred in 2025, this type of attack remains one of the most destructive. The memory of the Ronin bridge case, in 2022, when 600 million dollars were stolen, remains a permanent alert. These failures show how the interconnectivity between networks, essential for the scalability of the cryptographic ecosystem, also amplifies the attack surface and can turn a single code error into a systemic collapse.
"Recent attacks reveal the increasing level of professionalization of cybercrime related to cryptocurrencies. Even with the growing technical and regulatory maturity of the ecosystem, cybercriminals have shown that they are still one step ahead in 2025, improving methods, exploiting known loopholes and diversifying targets. While the industry has matured in regulation, transparency and infrastructure, many of the attacks exploited human errors, poorly managed integrations and unaudited code, points that innovation alone does not eliminate", Gutierrez Amaya highlights.
