Crypto Sector Lost $3.1 Billion to Hacks in Q1 2025, Says Hacken Report

The cryptocurrency industry has witnessed over $3.1 billion in losses during the first half of 2025, already surpassing the total for all of 2024.

According to a report published by blockchain security firm Hacken, the figure reflects persistent systemic vulnerabilities across both decentralized and centralized finance platforms, driven by outdated codebases, access-control flaws, and the growing complexity introduced by artificial intelligence integrations.

Access-control exploits remain the leading cause of financial damage, contributing roughly 59% of the total losses, while smart-contract bugs accounted for around $273 million.

Although the $1.5 billion Bybit incident in February stands out as a major event, it does not obscure the fact that the industry continues to face broad security shortcomings.

Hacken’s forensic team observed a recurring theme in 2025: human and procedural errors are now a more frequent point of attack than cryptographic weaknesses.

Legacy Infrastructure and Operational Vulnerabilities

Hacken’s head of forensics, Yehor Rudytsia, noted that older codebases have remained active targets for attackers, with the GMX v1 platform being a key example.

The protocol’s outdated structure began facing exploitation in Q3 2025. “Projects have to care about their old or legacy codebase if it was not stopped from operating completely,” Rudytsia said, emphasizing the risks of leaving older protocols exposed.

Operational vulnerabilities have also played a prominent role, accounting for approximately $1.83 billion in losses across both DeFi and CeFi. The most notable case was the $223 million breach on Cetus, a DeFi platform, during Q2. The exploit was traced to an overflow check vulnerability in its liquidity calculations.

Using a flash loan, the attacker opened hundreds of small positions across 264 pools. Hacken analysts suggested that real-time TVL monitoring with automatic pause mechanisms might have prevented up to 90% of the funds from being drained.

AI and Insecure APIs Add Complexity to Web3 Security

The incorporation of artificial intelligence tools into Web3 projects has added another layer of complexity to the security environment. According to Hacken’s report, there has been a 1,025% increase in AI-related attacks compared to 2023.

Nearly 99% of these incidents involved insecure APIs, making them one of the most exploited attack surfaces today. As of mid-2025, 34% of Web3 projects are using AI agents in live environments, increasing their exposure to risks such as model hallucination, prompt injection, and data poisoning.

Hacken also highlighted that existing security standards like ISO/IEC 27001 and the NIST Cybersecurity Framework are not yet adequately equipped to handle these AI-specific threats. The report called for updated governance and risk models that can better account for evolving vulnerabilities in smart systems.

With more sophisticated threat vectors emerging and attackers increasingly relying on automation and social engineering, the demand for proactive and adaptive security mechanisms in the crypto sector has grown substantially.

Featured image created with DALL-E, Chart from TradingView