About 2.47 billion dollars in cryptocurrency were stolen via scams, hacks and exploits in H1 2025, already exceeding the total amount lost in 2024, revealed new Certik data.
The sharp increase in cryptographic losses in 2025 is largely the result of two major security incidents – the incident of the violation of the Cetus appeal and protocol. Collectively, these incidents cost $ 1.78 billion, 72% of the total.
In the Bybit incident, the pirates stole $ 1.4 billion in cryptocurrency to Dubai-based exchange in February 2025. The famous actor of the North Korean state Lazarus is suspected of having carried out the attack of Ethereum, which is the largest flight of crypto never delighted.
The Cetus incident took place in May, when the attackers stole approximately $ 225 million in digital active ingredients in the Cetus protocol, the largest dex of the Blockchain SU.
The Validators SU have managed to freeze and return $ 162 million from stolen assets, following a governance proposal for the reimbursement of users.
Certik report Noted that without these two individual incidents, total losses in 2025 would amount to $ 690 million, which indicates that the wider trend may not be as serious as raw figures involve.
The co-founder of Certik, Rongui Gu, commented: “Although the global figures are alarming, it is important to emphasize that the majority of the funds lost in H1 were attributable to two concentrated and high impact events.”
He added: “But whatever, the results remind industry that there is still a lot of work to do. With regard to safety, a multilayer approach encompassing robust code audits, formal verification, real -time monitoring, response plans to incidents, vulnerability assessments and employee sentence training must be treated as the standard.”
Certik observed a total of 344 security incidents involving a cryptocurrency flight in H1 2025.
The average loss per incident was $ 7.18 million, which was significantly higher than in all of 2024, when the average losses were $ 3.1 million.
During the exclusion of frozen funds or returned by white hats pirates, net losses in H1 2025 are currently amounted to $ 2.29 billion. This is comfortably greater than $ 1.98 billion in net loss recorded for all 2024.
Phishing returns as the most lucrative vector in T2 2025
The portfolio compromise was the most expensive attack vector as a whole, with $ 1.7 billion stolen on 34 H1 2025 incidents.
This was largely the result of three incidents during the T1 2025, which led to the flight hackers of $ 1.45 billion. This included the appeal incident.
The portfolio compromise occurs when the private keys to a user or the recovery sentences are exposed, which results in the flight of digital assets of the compromised portfolio.
This contrasts with 2024, when phishing was the highest attack vector.
However, during the Q2 2025 analysis alone, phishing resumed the most expensive attack vector, with $ 395.06 million in losses recorded on 52 incidents.
On the other hand, the Wallet compromise was the fifth most expensive attack vector in the second quarter, with $ 11.2 million in losses recorded on two incidents.
Ethereum has experienced the greatest number of security incidents and losses in H1, with 175 incidents and $ 1.63 billion in losses. This was largely made up of the survey hack.
In Q2, Bitcoin has experienced the largest volume of losses, at $ 373.6 million out of nine incidents.
Ethereum experienced the highest volume of T2 incidents at 60, but the highest fourth losses at $ 37.2 million.
