Crypto Heists Hit Record High: Hackers Steal $1.6 Billion in Q1 2025

Image Credentials: Generated by Open Chronicle AI DALL·E

By Staff Writer with Agencies

The first quarter of 2025 has set an alarming record for cryptocurrency-related cyberattacks, with hackers stealing over $1.6 billion from digital asset platforms. This figure already surpasses the total losses recorded throughout 2024, when cybercriminals siphoned $1.49 billion. The dramatic increase in stolen funds highlights the growing threat posed by sophisticated hacking groups targeting cryptocurrency exchanges.

Massive Surge in Cyber Heists

According to data compiled by Immunefi, a leading Web3 security platform, the amount of funds stolen due to security breaches skyrocketed by 390% in Q1 compared to the same period last year. Notably, none of these losses were linked to fraud, which had accounted for $14.7 million in losses during the first quarter of 2024.

The report further reveals that a staggering 95% of these losses occurred on centralized finance (CeFi) platforms. CeFi refers to cryptocurrency exchanges and brokerage firms that facilitate digital transactions under regulatory oversight. Unlike decentralized finance (DeFi), where transactions are executed via smart contracts on blockchains, CeFi platforms rely on centralized infrastructure, making them prime targets for large-scale cyberattacks.

Two Major Attacks Dominate Q1 Losses

The bulk of the Q1 losses stemmed from two significant breaches: the Bybit exchange hack, which resulted in a loss of $1.46 billion, and the Phemex breach, which saw $69 million stolen. Together, these incidents accounted for over 90% of the total losses during the quarter.

Cybersecurity experts suspect that the North Korean hacking group Lazarus was behind these attacks. Investigations revealed traces of Lazarus-linked activities in the movement of stolen funds. Immunefi has underscored the increasing role of organized cybercriminal groups in orchestrating large-scale exploits, with CeFi platforms remaining a primary target due to their high-value transactions.

Why Are CeFi Platforms Vulnerable?

Immunefi’s analysis highlights the fundamental security risks of CeFi platforms. Unlike decentralized systems, where smart contract vulnerabilities may only allow partial or conditional fund access, CeFi platforms store large sums of cryptocurrency in centralized reserves. If hackers gain access to private keys or exploit security weaknesses, they can seize full control over user funds, leading to massive losses.

Declining Recovery Rates and Changing Attack Patterns

Despite the record-breaking losses, the number of successful attacks decreased by 36% compared to Q1 2024, dropping from 63 to 40. However, this decline in attack frequency did not translate into lower losses—on the contrary, the scale of successful heists grew dramatically.

The report also notes a concerning drop in the recovery of stolen assets. Only $6.5 million, or 0.4% of the stolen funds, were retrieved in Q1 2025, a stark contrast to the 21.2% recovery rate seen in the same period last year.

DeFi platforms, while less affected overall, still suffered 6% of the total exploits. The most impacted networks were Binance Smart Chain (BNB Chain) and Ethereum, which recorded 19 and 15 attacks, respectively.

A Growing Cybersecurity Challenge

Immunefi, which secures an estimated $190 billion in user funds across Web3 platforms, continues to track and analyze cyber threats in the crypto ecosystem. Their latest report underscores the urgent need for stronger security measures, particularly for centralized exchanges, which remain highly attractive targets for cybercriminals.

As digital assets gain mainstream adoption, the battle between cybersecurity firms and malicious actors is expected to intensify. Strengthening defenses and implementing robust security protocols will be critical in safeguarding the future of the cryptocurrency industry.