Crypto Hacks Netted Nearly $3B In 2025: Supply Chain Attack Exposes Exchange Vulnerabilities

Cybercriminals stole nearly $3 billion through cryptocurrency hacks and scams in 2025, with a single attack on a major exchange accounting for almost half of all losses. The staggering figure comes from data collected by Slowmist, which recorded 202 hack events throughout the year, highlighting growing vulnerabilities in digital asset security.

Background and Context

The cryptocurrency industry faced unprecedented security challenges in 2025, as attackers increasingly targeted exchanges, wallets, and blockchain networks. According to FBI statistics, cryptocurrency fraud now accounts for 50% of all financial fraud losses, reflecting the digital currency's growing prominence in global finance and its appeal to criminal networks.

Key Figures and Entities

The most significant incident occurred in February when hackers exploited vulnerabilities in a supplier to the ByBit exchange, resulting in the theft of over $1.46 billion worth of Ethereum. The attack involved the manipulation of digital wallet addresses during a transfer of 401,000 Ethereum coins. ByBit personnel believed they were moving funds to their own cold storage wallet but instead sent the entire amount to hacker-controlled addresses.

Analysis of the 2025 incidents shows the Ethereum ecosystem was the most frequently targeted, suffering 33 separate hacks and scams that resulted in $245 million in losses. The Binance Smart Chain (BSC) ecosystem experienced the second-highest number of attacks, with 25 events leading to approximately $20 million in stolen cryptocurrency.

Legal and Financial Mechanisms

Attackers employ increasingly sophisticated methods to compromise cryptocurrency security. "Clipper" malware, which monitors a victim's clipboard and automatically replaces copied wallet addresses with hacker-controlled alternatives, has proven particularly effective against users who rely on copy-paste functionality for complex wallet addresses. Even more dangerous is infostealer malware, which silently harvests credentials and sensitive data from browsers and crypto wallets, providing attackers with ongoing access to victims' digital assets.

According to cybersecurity experts, the fundamental design of cryptocurrency creates inherent vulnerabilities. "Crypto is ideal for cybercriminals because transactions are irreversible and nearly anonymous," said Marijus Briedis, chief technology officer at NordVPN. "There's no bank to freeze funds, no chargebacks, and assets quickly vanish through mixers or decentralized platforms. For hackers, it's the perfect heist: high reward, low traceability, and victims often lack legal recourse."

International Implications and Policy Response

The scale of cryptocurrency-related crime in 2025 has prompted renewed calls for enhanced security standards and regulatory oversight across the digital asset industry. Security experts emphasize that protecting cryptocurrency requires proactive measures, including the use of reputable exchanges and wallets, implementation of two-factor authentication, and careful verification of wallet addresses before transactions.

Some technology companies have begun developing specialized tools to address these threats. NordVPN recently introduced a crypto wallet address checker to its Threat Protection Pro service, which scans page content locally to identify cryptocurrency wallet addresses and checks them against databases of known fraudulent addresses. The tool provides warnings before users can send funds to potentially dangerous addresses, while preserving user privacy by sending only wallet addresses for verification.

Sources

This report draws on data from Slowmist, FBI cryptocurrency fraud statistics, and public reporting of the ByBit exchange incident. Additional context comes from cybersecurity industry analysis of malware trends affecting digital asset security in 2025.