In the first six months of 2025, crypto thefts reached an unprecedented $2.1 billion, setting a new record for illicit activity in the crypto space.
This marks a significant escalation from previous years, with infrastructure attacks and state-sponsored actors, particularly North Korea, driving the surge in losses.
Crypto Theft Reaches New Heights in H1 2025
In its latest report, TRM Labs, a blockchain intelligence firm, disclosed that between January and June 2025, the crypto sector endured nearly 75 distinct hacks and exploits. These attacks led to losses exceeding $2.1 billion,
This represented a 10% increase compared to the previous record of $2 billion stolen in the first half of 2022. Moreover, the amount is nearly equivalent to the funds stolen throughout all of 2024.
“The first half of 2025 has delivered a stark reminder of the crypto ecosystem’s vulnerabilities,” the report read.
TRM Labs noted that most of the stolen funds in the first half of 2025 (over 80%) resulted from infrastructure attacks. This includes tactics like stealing private keys and seed phrases or compromising platforms’ front end. On average, these incidents caused 10 times greater losses than other attacks, highlighting their outsized impact on the crypto ecosystem.
“Infrastructure attacks refer to attack techniques that target the technical backbone of the digital asset system to gain unauthorized control, mislead users, or reroute assets. Often enabled by social engineering or insider access, these breaches expose critical weaknesses at the foundation of cryptosecurity,” TRM added.
The firm also revealed that protocol exploits accounted for 12% of the stolen funds. This involves flash loans and re-entrancy attacks.
Malicious actors exploit vulnerabilities in a blockchain protocol’s underlying logic or smart contracts. This allows them to extract funds or disrupt the system’s functionality.
Meanwhile, hackers stole over $100 million in January, April, May, and June. However, the industry witnessed the biggest losses in February with the Bybit hack. BeInCrypto reported that the North Korean Lazarus Group stole $1.5 billion from the exchange.
“This incident alone accounted for nearly 70% of total losses so far this year, pushing the average hack size to nearly $30 million — double the $15 million average in H1 2024,” the report stated.
It is important to note that the Bybit breach is not an isolated incident for North Korea-linked groups. In fact, state-sponsored groups have been tied to numerous high-profile hacks.
TRM Labs pointed out that North Korea-affiliated groups were behind $1.6 billion of the total stolen funds. Moreover, the report highlighted that other state actors are increasingly using crypto hacks as a tool for geopolitical leverage.
The latest Nobitex hack is an example of this. On June 18, pro-Israel hacking group Gonjeshke Darande (Predatory Sparrow) targeted Iran’s largest crypto exchange, resulting in a loss of over $90 million.
“Such events underscore how digital asset theft is becoming a covert instrument in geopolitical conflicts and national policy,” TRM Labs added.
To combat these exploits, TRM Labs advocated for a multi-layered defense strategy. Recommendations include regular security audits, multi-factor authentication (MFA), and using cold storage.
The firm emphasized the need for advanced defenses against state-level threats, such as improved insider threat detection and countermeasures for social engineering. Lastly, TRM Labs stressed the importance of global collaboration among law enforcement, financial intelligence units, and blockchain intelligence firms to track stolen funds and prosecute cybercriminals.
The post Crypto Theft Hits Record $2.1 Billion in Stolen Funds in H1 2025, TRM Labs Reports appeared first on BeInCrypto.
