Hackers stole $1.63 billion in cryptocurrency in the first quarter of 2025, a 131% increase from Q1 2024’s $706 million, according to blockchain security firms PeckShield and Immunefi.
Hackers stole $1.63 billion in cryptocurrency in the first quarter of 2025, a 131% increase from Q1 2024’s $706 million, according to blockchain security firms PeckShield and Immunefi. The biggest attack was on Bybit, which lost $1.46 billion, making up 92% of total losses. Phemex was also hit, with hackers stealing $69.1 million. Centralized exchanges accounted for 94% of all stolen funds, a shift from previous years when decentralized finance (DeFi) platforms were the main targets.
February was the worst month, with $1.53 billion lost, mostly due to the Bybit breach. Other incidents in February included a $50 million attack on Infini, a $9.5 million hack on zkLend, and an $8.5 million exploit on Ionic. January saw $87 million in losses, significantly lower than the following month.
March recorded 20 hacks, but total losses fell 97% from February, with $33.46 million stolen. The biggest attack was a $13 million exploit on Abracadabra.Money on March 25, where 6,260 ETH was drained. Another major breach happened on March 21, when $8.4 million was stolen from Zoth, a real-world asset restaking protocol. The attacker converted the stolen funds into stablecoins before transferring them elsewhere. March also saw an $8.32 million attack on zkLend, continuing a trend of threats targeting DeFi lending platforms.
Despite the high number of attacks, some stolen funds were returned. On March 7, a hacker who stole $5 million from decentralized exchange 1inch sent back 90% of the funds after the platform offered a 10% bounty in exchange.
Binance’s BNB Chain was the most targeted blockchain, recording 19 separate hacks, followed by Ethereum with 15. Analysts believe hackers are focusing on larger blockchain networks because of their high transaction volume and liquidity.
Security experts have suggested that state-backed actors may have been involved in the Bybit and Phemex breaches. While no government entity has been officially linked to the attacks, the scale and sophistication of these incidents point to well-resourced groups with advanced hacking capabilities.
With centralized exchanges now the primary targets of crypto hacks, the industry is under pressure to strengthen security measures. Traditional security tools are proving inadequate as attackers find new ways to bypass protections. The losses from Q1 2025 mark a historic high, raising concerns about the growing threat to digital assets.
This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators.
This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice.
The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.
