This research report documents 147 cryptocurrency security incidents that occurred during the 2025 calendar year, resulting in aggregate documented losses of $3,218,226,454 USD. The data presents factual forensic information regarding protocol breaches, user-level compromises, and infrastructure vulnerabilities identified across blockchain networks and cryptocurrency platforms throughout 2025.
Documented Findings:
- Total quantified losses: $3,218,226,454
- Mean loss per incident: $22,348,795
- Median incident magnitude: $1,100,000
- Maximum single incident: $1,400,000,000 (Bybit, February 21, 2025)
- Documented incident count: 147 events
- Access control incidents: 41 incidents accounting for $2,020,549,000 (62.8% of total losses)
- Ethereum network incidents: 49 incidents accounting for $1,951,707,000 (60.6% of total losses)
- Centralized Exchange incidents: 10 incidents accounting for $1,724,500,000 (53.5% of total losses)
Annual Loss Distribution
Quantified Losses and Statistical Profile
The 2025 cryptocurrency incident dataset contains 147 documented security events with aggregate losses of $3,218,226,454. Loss distribution statistics reveal:
Statistical Metrics:
- Mean incident loss: $22,348,795
- Median incident loss: $1,100,000
- Minimum documented loss: $3,500
- Maximum documented loss: $1,400,000,000
- Standard deviation: $107,840,654 (indicating wide variance in incident magnitudes)
The distribution pattern shows concentration in high-impact incidents—the top 10 incidents account for $2,570,000,000 (79.8% of total documented losses), while the remaining 137 incidents total $648,226,454 (20.2% of losses).
Attack Vector Distribution
The 2025 incident dataset identifies specific attack vectors across documented security events. Access control incidents represent the largest identified category, with 41 incidents resulting in $2,020,549,000 in quantified losses (62.8% of total documented losses).
Documented Attack Vector Classification:
| Attack Vector | Total Losses | Incident Count | Average Loss | Percentage |
| Access Control | $2,020,549,000 | 41 | $49,280,000 | 62.8% |
| Other/Unclassified | $664,791,700 | 58 | $11,461,000 | 20.7% |
| Phishing | $452,295,000 | 7 | $64,613,000 | 14.1% |
| Contract Vulnerability | $28,734,900 | 16 | $1,795,606 | 0.9% |
| Oracle Issue | $18,774,998 | 8 | $2,346,875 | 0.6% |
| Security Vulnerability | $15,540,000 | 2 | $7,770,000 | 0.5% |
| Domain Hijacking | $8,600,000 | 2 | $4,300,000 | 0.3% |
| Flash Loan Attack | $3,757,856 | 5 | $751,571 | 0.1% |
| Reentrancy | $2,690,000 | 2 | $1,345,000 | 0.1% |
| Human Error | $1,650,000 | 1 | $1,650,000 | 0.05% |
| Governance Attack | $830,000 | 1 | $830,000 | 0.03% |
| Business Logic Flaw | $13,000 | 1 | $13,000 | 0.0004% |
Blockchain Network Analysis
Ethereum Network Incident Classification
The Ethereum network accounts for 49 documented incidents in 2025 with aggregate losses of $1,951,707,000, representing 60.6% of total documented cryptocurrency losses.
Ethereum Network Data:
- Total documented losses: $1,951,707,000
- Incident count: 49 events
- Average loss per incident: $39,830,760
- Median loss: $2,700,000
- Access control incidents: 26 events on Ethereum
Major Ethereum Incidents:
- Bybit (February 21, 2025): $1,400,000,000 | Access Control
- Balancer (November 3, 2025): $128,000,000 | Access Control
- Stream Finance (November 4, 2025): $93,000,000 | Unclassified
- Infini (February 24, 2025): $50,000,000 | Access Control
- UPCX (April 1, 2025): $70,000,000 | Access Control
Bitcoin Network Incident Data
Bitcoin network incidents total 4 documented events with aggregate losses of $444,100,000, representing 13.8% of total 2025 cryptocurrency losses.
Bitcoin Network Data:
- Total documented losses: $444,100,000
- Incident count: 4 events
- Average loss per incident: $111,025,000
- Identified attack vectors: Phishing (2 incidents totaling $421M)
Bitcoin Incidents:
- BTC Phishing-Single User (April 28, 2025): $330,000,000 | Phishing
- Phishing (August 19, 2025): $91,000,000 | Phishing
- Remaining incidents: Total $23,100,000
Multi-Blockchain Loss Distribution
Loss distribution across blockchain networks and exchange platforms in 2025:
| Blockchain | Total Losses | Incident Count | Average Loss | Percentage |
| Ethereum (ETH) | $1,951,707,000 | 49 | $39,830,760 | 60.6% |
| Bitcoin (BTC) | $444,100,000 | 4 | $111,025,000 | 13.8% |
| Other Chains | $300,759,998 | 13 | $23,135,385 | 9.3% |
| Centralized Exchanges | $237,500,000 | 6 | $39,583,333 | 7.4% |
| Solana (SOL) | $93,400,000 | 5 | $18,680,000 | 2.9% |
| Arbitrum (ARB) | $62,493,000 | 9 | $6,943,667 | 1.9% |
| BNB Chain (BSC) | $60,319,600 | 36 | $1,675,544 | 1.9% |
| Unspecified | $31,366,000 | 6 | $5,227,667 | 1.0% |
Protocol Category Impact Analysis
Centralized Exchange (CeFi) Incidents
Centralized exchange platforms and custodial services documented 10 incidents in 2025 with aggregate losses of $1,724,500,000, representing 53.5% of total documented cryptocurrency losses.
Centralized Exchange Incidents:
- Bybit (February 21, 2025): $1,400,000,000 | Access Control
- Nobitex (June 18, 2025): $82,000,000 | Access Control
- BtcTurk (August 14, 2025): $48,000,000 | Access Control
- CoinDCX (July 20, 2025): $44,000,000 | Access Control
- Phemex (January 23, 2025): $37,000,000 | Unclassified
- Upbit (November 27, 2025): $36,000,000 | Unclassified
- BigONE (July 16, 2025): $28,000,000 | Access Control
- WOO X (July 24, 2025): $14,000,000 | Phishing
- SBI Crypto (September 24, 2025): $24,000,000 | Access Control
- BitoPro BitoGroup (May 8, 2025): $11,500,000 | Access Control
Decentralized Exchange (DEX) Incidents
Decentralized exchange protocols documented 20 incidents with aggregate losses of $535,017,000, representing 16.6% of total documented losses.
Major DEX Incidents:
- Cetus (May 22, 2025): $260,000,000 | Unclassified
- Balancer (November 3, 2025): $128,000,000 | Access Control
- GMX (July 9, 2025): $42,000,000 | Unclassified
- Bunni (September 2, 2025): $8,400,000 | Unclassified
- Abracadabra (March 25, 2025): $13,000,000 | Unclassified
- CrediX (August 4, 2025): $4,500,000 | Access Control
- Additional 14 incidents: $78,917,000
Additional Protocol Categories
Yield Aggregators: 17 incidents, $33,387,998 total losses
- Cork: $12,000,000 (May 28, 2025)
- Yearn Finance: 2 incidents totaling $9,300,000
- Resupply: $9,500,000 (June 26, 2025)
- Remaining 14 incidents: $2,587,998
Borrowing & Lending: 15 incidents, $66,853,856 total losses
- Moonwell: $3,700,000 (November 4, 2025) | Oracle Issue
- BetterBank: $5,000,000 (August 26, 2025)
- zkLend: $9,500,000 (February 12, 2025)
- Remaining 12 incidents: $48,653,856
Bridge Protocols: 5 incidents, $19,617,000 total losses
- Garden Finance: $11,000,000 (October 30, 2025)
- ZKSwap: $5,000,000 (July 9, 2025)
- Shibarium: $2,400,000 (September 15, 2025)
- Seedify: $1,200,000 (September 23, 2025)
- 402Bridge: $17,000 (October 27, 2025)
| Protocol Category | Total Losses | Incident Count | Percentage |
| Centralized Exchange | $1,724,500,000 | 10 | 53.5% |
| Other/Unclassified | $611,208,000 | 29 | 19.0% |
| DEX (Decentralized Exchange) | $535,017,000 | 20 | 16.6% |
| Stablecoin | $144,900,000 | 4 | 4.5% |
| Borrowing & Lending | $66,853,856 | 15 | 2.1% |
| Yield Aggregator | $33,387,998 | 17 | 1.0% |
| DeFi | $29,797,900 | 21 | 0.9% |
| Gaming/Metaverse | $21,391,000 | 4 | 0.7% |
| Bridge | $19,617,000 | 5 | 0.6% |
Major Incident Case Studies
Bybit Exchange Incident — February 21, 2025
Protocol: Bybit
Date: February 21, 2025
Classification: Centralized Exchange | Access Control
Documented Loss: $1,400,000,000 USD
Blockchain: Ethereum
The Bybit incident on February 21, 2025 resulted in documented losses of $1,400,000,000, representing the largest single documented cryptocurrency security event in 2025 (43.5% of total annual losses). The incident was classified as an access control vulnerability affecting the centralized exchange platform.
BTC Phishing Incident — April 28, 2025
Classification: Bitcoin User-Level Compromise | Phishing
Date: April 28, 2025
Documented Loss: $330,000,000 USD
Blockchain: Bitcoin
This incident resulted in documented losses of $330,000,000 to a single user entity through phishing-based credential compromise. The incident represents the second-largest documented loss in 2025 (10.2% of total losses) and accounts for a substantial portion of Bitcoin-specific losses in the dataset.
Cetus Protocol Incident — May 22, 2025
Protocol: Cetus
Date: May 22, 2025
Classification: Decentralized Exchange | Unclassified
Documented Loss: $260,000,000 USD
Blockchain: Multi-chain
The Cetus incident on May 22, 2025 resulted in documented losses of $260,000,000 (8.1% of total annual losses). The incident was classified as an unclassified vulnerability affecting the decentralized exchange protocol.
Balancer Exchange Incident — November 3, 2025
Protocol: Balancer
Date: November 3, 2025
Classification: Ethereum DeFi Exchange | Access Control
Documented Loss: $128,000,000 USD
Blockchain: Ethereum
The Balancer incident on November 3, 2025 resulted in documented losses of $128,000,000 (4.0% of total annual losses). The incident involved an access control vulnerability in the protocol’s liquidity management infrastructure.
Top 10 Summary
The top 10 incidents by documented loss amount are:
| Rank | Protocol | Date | Loss | Percentage |
| 1 | Bybit | Feb 21 | $1,400,000,000 | 43.5% |
| 2 | BTC Phishing-Single User | Apr 28 | $330,000,000 | 10.2% |
| 3 | Cetus | May 22 | $260,000,000 | 8.1% |
| 4 | Balancer | Nov 3 | $128,000,000 | 4.0% |
| 5 | Stream Finance | Nov 4 | $93,000,000 | 2.9% |
| 6 | Phishing | Aug 19 | $91,000,000 | 2.8% |
| 7 | Nobitex | Jun 18 | $82,000,000 | 2.5% |
| 8 | UPCX | Apr 1 | $70,000,000 | 2.2% |
| 9 | Infini | Feb 24 | $50,000,000 | 1.6% |
| 10 | UXLINK | Sep 22 | $48,000,000 | 1.5% |
Collective Top 10 Total: $2,570,000,000 (79.8% of total 2025 losses)
Remaining 137 Incidents: $648,226,454 (20.2% of total losses)
Attack Vector Incident Analysis
Access Control Incidents
Access control incidents total 41 documented events in 2025 with aggregate losses of $2,020,549,000 (62.8% of total documented losses).
Access Control Incident Metrics:
- Total incidents: 41 events
- Aggregate losses: $2,020,549,000
- Average loss per incident: $49,280,000
- Median loss per incident: $2,400,000
- Percentage of total: 62.8%
Access Control Incidents Identified Across:
- Centralized exchanges: 9 incidents totaling $1,408,000,000
- Decentralized protocols: 26 incidents totaling $569,049,000
- Token/NFT contracts: 6 incidents totaling $43,500,000
Phishing Incidents
Phishing incidents total 7 documented events in 2025 with aggregate losses of $452,295,000 (14.1% of total documented losses).
Phishing Incident Metrics:
- Total incidents: 7 events
- Aggregate losses: $452,295,000
- Average loss per incident: $64,613,000
- Incidents: BTC Phishing-Single User ($330M), Phishing ($91M), Suji Yan ($4M), Zerobase ($240K), MUBARA ($55K), Venus ($13M), WOO X ($14M)
Unclassified/Other Incidents
The “Other” or unclassified category comprises 58 incidents with aggregate losses of $664,791,700 (20.7% of total documented losses). These incidents could not be definitively classified into standard attack vector categories.
Unclassified Incidents:
- Total incidents: 58 events
- Aggregate losses: $664,791,700
- Average loss per incident: $11,461,000
- Percentage of total: 20.7%
- Notable incidents: Cetus ($260M), Stream Finance ($93M), GMX ($42M), other unspecified vulnerabilities
Specialized Attack Vectors
Contract Vulnerability Incidents: 16 incidents, $28,734,900 aggregate losses (0.9%)
Oracle-Related Incidents: 8 incidents, $18,774,998 aggregate losses (0.6%)
Security Vulnerability Incidents: 2 incidents, $15,540,000 aggregate losses (0.5%)
Domain Hijacking Incidents: 2 incidents, $8,600,000 aggregate losses (0.3%)
Flash Loan Attack Incidents: 5 incidents, $3,757,856 aggregate losses (0.1%)
Reentrancy Incidents: 2 incidents, $2,690,000 aggregate losses (0.1%)
Blockchain Network Incident Distribution
Ethereum Network Events
Ethereum network incidents in 2025 total 49 documented events with aggregate losses of $1,951,707,000 (60.6% of total losses).
Ethereum Incident Metrics:
- Total incidents: 49 events
- Aggregate losses: $1,951,707,000
- Average loss per incident: $39,830,760
- Access control incidents: 26 events
- Notable incidents: Bybit ($1.4B), Balancer ($128M), Stream Finance ($93M), Infini ($50M), UPCX ($70M)
Bitcoin Network Events
Bitcoin network incidents in 2025 total 4 documented events with aggregate losses of $444,100,000 (13.8% of total losses).
Bitcoin Incident Metrics:
- Total incidents: 4 events
- Aggregate losses: $444,100,000
- Average loss per incident: $111,025,000
- Identified attack vectors: Phishing (2 incidents totaling $421M)
- Additional incidents: $23,100,000
Alternative Blockchain Incidents
Incidents on alternative blockchain networks in 2025:
| Network | Incidents | Losses | Average |
| Solana | 5 | $93,400,000 | $18,680,000 |
| Arbitrum | 9 | $62,493,000 | $6,943,667 |
| BNB Chain | 36 | $60,319,600 | $1,675,544 |
| Linea | 2 | $1,094,856 | $547,428 |
| Base | 9 | $7,957,000 | $884,111 |
| Optimism | 1 | $427,000 | $427,000 |
| ZKsync | 1 | $5,000,000 | $5,000,000 |
| Fuse | 1 | $320,000 | $320,000 |
| HYPEREVM | 2 | $21,782,000 | $10,891,000 |
| Unspecified | 6 | $31,366,000 | $5,227,667 |
Total Alternative Network Losses: $284,159,456 across 72 incidents
Monthly Distribution Analysis
Incident Frequency and Loss Magnitude by Month
The 2025 incident distribution across monthly periods reveals variable frequencies and loss magnitudes:
| Month | Incident Count | Total Loss | Average Loss | Median Loss |
| January | 17 | $70,576,500 | $4,151,559 | $48,000 |
| February | 9 | $1,476,098,500 | $164,010,944 | $50,000,000 |
| March | 13 | $26,697,000 | $2,053,615 | $340,000 |
| April | 14 | $430,040,000 | $30,717,143 | $1,000,000 |
| May | 9 | $287,716,000 | $31,968,444 | $500,000 |
| June | 11 | $114,768,000 | $10,433,455 | $400,000 |
| July | 13 | $146,808,000 | $11,292,923 | $355,000 |
| August | 8 | $155,999,600 | $19,499,950 | $5,500,000 |
| September | 17 | $161,118,000 | $9,477,529 | $420,000 |
| October | 11 | $40,361,854 | $3,669,259 | $147,000 |
| November | 12 | $290,550,000 | $24,212,500 | $8,700,000 |
| December | 13 | $17,493,000 | $1,345,615 | $200,000 |
Total: 147 incidents, $3,218,226,454 losses
Loss Distribution Concentration
The 2025 dataset demonstrates significant concentration in high-impact incidents:
- Top 10 incidents: $2,570,000,000 (79.8% of total)
- Top 20 incidents: $3,045,000,000 (94.6% of total)
- Remaining 127 incidents: $173,226,454 (5.4% of total)
Temporal Incident Patterns
Monthly incident frequency ranged from 8 events (August) to 17 events (January and September). The dataset does not indicate significant seasonal clustering of incidents—incidents distributed relatively evenly across the year with notable loss concentration in specific months (February, April, May, November) driven by individual high-impact events.
Forensic Methodology and Data Integrity
Source Data Characteristics
This forensic analysis examines 147 distinct cryptocurrency security incidents documented throughout 2025. Data extracted exclusively from the provided dataset without external validation, synthesis, or supplementary research sources.
Data Integrity Standards Applied:
- No speculation regarding undocumented incident details
- Conservative loss quantification using documented amounts
- Direct classification from provided incident taxonomy
- No harmonization of inconsistent classifications
- Original denomination preservation (USD values as documented)
Limitations and Analytical Constraints
Known Limitations:
- Dataset excludes alleged or suspected incidents without documentation
- Undisclosed breaches and negligence-based losses not captured
- Some incidents classified as “Other” lacking forensic specificity
- Recovery and restitution mechanisms not analyzed
- Post-incident protocol hardening effectiveness not evaluated
Methodology Considerations:
- Analysis reflects quantified losses only (reputational harm excluded)
- Attribution and perpetrator identification not within scope
- Individual incident causation analysis not performed for this executive summary
- Cross-incident pattern correlation limited to documented taxonomy
Data Validation and Quality Assurance
Loss figures presented directly from source dataset without adjustment, estimation, or extrapolation. All percentages calculated directly from provided amounts. Classification hierarchies preserved as documented without harmonization or interpretation.
Industry Security Roadmap and Recommendations
Protocol Hardening Priorities
Based on 2025 forensic analysis, the following security priorities should guide protocol development:
Priority 1: Access Control Architecture Review
- Access control failures caused 62.8% of 2025 losses
- Immediate audit and redesign of privilege management systems
- Implementation of principle of least privilege across all operations
- Role-based access control (RBAC) with temporal constraints
Priority 2: Smart Contract Security Standards
- Establish baseline audit requirements for protocols managing >$10M TVL
- Mandatory staged rollouts for new protocol features
- External security assessment prerequisites for capital deployment
Priority 3: Phishing Resistance Programs
- User education initiatives for high-net-worth participant protection
- Hardware wallet integration standards for institutional custody
- Multi-factor authentication mandates for exchange access
Priority 4: Oracle Security Infrastructure
- Decentralized price feed architectures to eliminate single points of failure
- Multiple oracle provider requirements for critical price feeds
- Circuit breaker mechanisms during abnormal price movements
Institutional Risk Management Framework
Institutions operating in cryptocurrency ecosystems should implement risk management frameworks responsive to 2025 threat landscape:
- Incident Probability Assessment – Access control incidents affect 27.9% of all DeFi protocols; probability must inform risk capital allocation
- Loss Magnitude Quantification – Average access control incident: $49.3M; institutions must size exposure accordingly
- Diversification Requirements – No single protocol category should exceed 15% of total cryptocurrency exposure given 2025 concentration risks
- Custody Architecture – Multi-signature requirements for assets exceeding $5M threshold
- Insurance Coverage – Protocol insurance for 25%+ of institutional exposure
Regulatory and Standards Development
The cryptocurrency industry requires formal standards development addressing 2025’s forensic findings:
- Smart Contract Audit Standards – Establish minimum security assessment requirements
- Incident Classification Framework – Standardize vulnerability taxonomy to reduce “Other” category ambiguity
- Disclosure Requirements – Mandate timely security incident communication to users
- Recovery Mechanisms – Protocol-level fund recovery procedures for documented theft incidents
Forensic Conclusions
Summary of Critical Findings
The 2025 cryptocurrency forensic audit reveals a sector facing systematic access control vulnerabilities creating concentrated risk in high-value protocols. Key conclusions:
- Access Control as Critical Infrastructure Risk – 62.8% of losses trace to access control failures, establishing this attack vector as primary security focus
- Ethereum Risk Concentration – 60.6% of losses on single blockchain creates systemic risk for ecosystem participants
- CeFi Platform Vulnerability – Centralized exchanges responsible for 53.5% of total losses despite representing 6.8% of incident count
- Phishing Persistence – User-level compromise remains effective vector, achieving $64.6M average loss despite 7 documented incidents
- Unknown Risk Vectors – 20.6% of losses from unclassified vulnerabilities indicates emerging attack methodologies
Outlook and Industry Evolution
The 2025 security landscape establishes baseline expectations for cryptocurrency protocol design:
- Auditing becomes mandatory for protocols managing material capital
- Multi-signature authentication transitions from optional to required for institutional custody
- Incident response planning becomes core organizational competency
- Risk disclosure standards align with traditional finance compliance requirements
- Insurance mechanisms mature as infrastructure component rather than optional layer
Final Assessment
The cryptocurrency sector in 2025 demonstrates both profound security vulnerabilities and capacity for continuous improvement. The $3.22 billion loss aggregate represents tragic outcome for affected users but simultaneously catalyzes systemic hardening across protocol development, institutional custody practices, and regulatory frameworks.
References
Data source: Crypto Hacks Database
Download File: https://github.com/Cryip/Crypto-hacks-2025-dataset
Dataset Methodology: All figures, incident counts, and loss quantification derived directly from provided primary source documentation. Loss amounts presented in USD denomination as documented. Incident classifications reflect provided taxonomy without external modification or supplementary research sources.
