State actors lead historical wave of attack
According to new data, the first half of 2025 has become the most harmful half of the year in the history of cryptocurrencies, according to new data with over $ 2.1 billion that were stolen in more than 75 different incidents.
According to a current one Message This means an increase of 10% compared to the previous record from the first half of 2022 and corresponds to almost the entire crypto loss of the entire year 2024.
The $ 1.5 billion hack at Bybit: a turn
The focus of the explosive figures for 2025 is the attack on Dubai's bybit in February, in which $ 1.5 billion was captured. North Korea is suspected as a mastermind behind the attack, which is the largest crypto hack ever recorded. This single event made up almost 70% of all stolen funds this year and increased the average amount of the hacker attacks to $ 30 million, twice as much as in the first half of 2024.
But the trend goes beyond a single event. With the exception of March, losses of over $ 100 million were recorded every month, which underlines the general, persistent threat to the crypto sector.
North Korea and the rise of state -sponsored cryptodiebes
According to analysts, actors associated with North Korea are responsible for $ 1.6 billion of the total $ 2.1 billion, which consolidates the role of the regime as the most productive national opponent of the cryptocurrencies. It is believed that these funds are used to avoid sanctions and the financing of strategic programs such as the development of nuclear weapons, which makes the theft of cryptocurrencies a central instrument of the North Korean government.
The landscape is expanding. On June 18, the Gonjeshke cyber group (Predatory Sparrow), which is connected to Israel, is said to have chopped the largest Iranian stock exchange Nobitex and stolen over $ 90 million. In contrast to traditional robberies, the stolen assets were transferred to non-spending “Vanity” addresses, which indicates symbolic or political motives rather than financial profit.
Infrastructure attacks dominate the threat landscape
More than 80% of the funds stolen in the first half of 2025 came from violations at the infrastructure level-including theft of private keys, front-end exploits and compromised access points. These attacks are usually very effective and are often supported by social engineering or insider access.
Protocol exploits such as Flash Loan and Reentrancy attacks made 12% of the losses. These continue to disclose weaknesses of Defi and underline the persistent risks of smart contracts.
A call for global coordination of cyber security
2025 marked a turning point in the cyber security of cryptocurrencies. In view of the increasing size and sophistication of nation -state actors, traditional defensive measures are no longer sufficient. Experts demand:
- Robust multi -layer protective measures: MFA, cold storage and continuous audits
- Detection of insider threats and countermeasures against social engineering
- Global cooperation between law enforcement authorities, financial information services and companies such as TRM Labs
Since cryptocurrencies are increasingly intertwined with national security, use also increases. The first half of 2025 sends a clear warning: digital assets are now goals of geopolitical conflicts, and their defense requires a uniform, global reaction.
