Crypto lost $1.64B to hacks in Q1 2025

The first quarter of 2025 marked the worst period in the history of the crypto industry in terms of funds lost to hacks. A total of $1.64 billion was stolen across 39 separate incidents.
 

The majority of the losses came from just two major attacks: Bybit lost $1.46 billion in February, and Phemex was hit for $69.1 million in January. Experts believe both were carried out by the notorious North Korean hacking group Lazarus.
 

Compared to the same period in 2024, the losses have surged dramatically — from $348 million to over $1.6 billion — marking a 4.7x increase year over year.
 

Centralized platforms become prime targets

Although only two attacks targeted centralized finance (CeFi) platforms in Q1 2025, they were responsible for the largest losses. Meanwhile, decentralized finance (DeFi) projects suffered 38 incidents, but the total damage was limited to $106.8 million — a 69% decrease compared to Q1 2024.
 

The BNB Chain became the most targeted blockchain in early 2025, overtaking Ethereum. Combined, the two networks accounted for 76% of all crypto losses during the quarter.
 

Fraud is on the decline

Unlike hacks, there were no reported cases of fraud, scams, or rug pulls in Q1 2025. For comparison, such schemes caused $14.6 million in losses during the same period last year.
 

Overall, the volume of funds lost to hackers increased by 390% compared to Q1 2024, highlighting growing threats to the crypto space — especially from state-sponsored cybercriminals.
 

Only a fraction of funds recovered

Just $6.5 million — or 0.4% of the stolen funds — was recovered in Q1 2025.
 

At the same time, bug bounty platforms have paid out over $112 million in rewards and helped prevent more than $25 billion in potential losses. More than $180 million in bounty rewards is currently available for white-hat hackers.