Overview
- SlowMist tallied about $2.935 billion stolen across 200 incidents in 2025, a 46% increase in losses despite the incident count dropping by half from 2024.
- Hacken’s annual review estimated roughly $4 billion in losses and said North Korean state-linked hackers were responsible for about 52% of stolen funds.
- The year’s biggest hit was Bybit’s roughly $1.46 billion breach, which U.S. authorities attributed to Lazarus; it helped push centralized-exchange losses to about $1.809 billion, versus around $649 million across 126 DeFi incidents.
- Operational failures led the damage: access-control compromises accounted for about $2.12 billion in losses, while phishing and social engineering swelled to roughly $951 million.
- Tracing and enforcement actions intensified, with about $387 million frozen or recovered across 18 cases, as security firms also warned that emerging AI-native attack surfaces are expanding risk.