Crypto Hacks Loot $2.5bn in H1 of 2025, Here Are Their Latest Tactics

Crypto crime is on the rise, with Q1 of 2025 reporting a record of 200 heists. Q2 brought some modicum of stability with 144, but still, the total losses from crypto scams in the first half of 2025 exceeded $2.5 billion ($2.20 billion after recovery).

According to blockchain security firm CertiK, that’s a 26.6% increase from last year when losses reached $1.98 billion by July, and 3% more than the entire 2024.

The majority of breaches were related to the $1.5 billion hack of Bybit exchange, augmented by the $220 million plunder of the Cetus protocol. Had there not been these two incidents, the total loss for the first half of 2025 would be $690 million.

New Year, New Methods

A more detailed analysis shows the budding criminal activity growing in confidence. More than simple smart contract exploits and the headline-grabbing crypto exchange hacks, the attackers are using more personalized, user-focused attacks to target individuals.

SlowMist’s MistTrack Stolen Fund Analysis report for Q2 2025 reveals an increasing number of hacks involving fake browser extension phishing attacks, hardware wallet exploits, and manipulative practices that ultimately result in private key leakages. These attacks rely mostly on users’ negligence, misinformation, and a false sense or urgency.

Browser Extensions

Malicious browser extensions account for the majority of personalized attacks, often masquerading as security plugins. One of these, the ‘Osiris’ plugin for Chrome, claiming to detect suspicious websites for users’ benefit, would replace all .exe .dmg and .zip files with malicious programs of their own.

Worse yet, it would lead investors to trusted sites like Notion, where they would download infected files. Stealing Chrome browser data and Keychain credentials was the easy part.

Hardware Wallets

Tricking users into purchasing tampered Ledger wallets is another well-developed loot. In one of the biggest crypto hacks of Q2 2025, an individual lost $6.5 million by purchasing a cold wallet they found on Douyin (TikTok China).

Other reported cases involve users receiving tampered wallets as gifts for winning a lottery, or triggering an emotional response with messages of compromised wallets.

Fake Revoker Websites

Scammers also employ social engineering tactics to exploit investors’ sense of urgency. Many users report receiving evocative messages that prompted them to revoke their contract permissions.

The links led to pitch-perfect clones of approval tools like Revoke Cash, which asked investors to “check for risky signatures” by entering their private keys. Needless to say, the fake website used EmailJS to send the key data directly to the attacker’s email.

Preventing Scams in 2025

Then there are more sophisticated attacks targeting specific proposals, such as EIP-7702 – introduced in Ethereum’s Pectra upgrade, or WeChat’s account recovery system. While most hacks can largely be prevented by staying alert, not trusting outside sources, and keeping your wits in the face of panic-triggering language, some attacks exploit technical deficiencies and can only be detected from afar.

On the bright side, blockchain analytics and the crypto community have helped mitigate some of the damage by recovering a portion of the stolen currencies. About 9% of the funds stolen in Q2 have been returned to original investors, either through consent, legal action, or by freezing token contracts. There were virtually no arrests, since attackers use mixers, bridges, and privacy coins to cover their tracks. And besides, the lack of regulation around crypto is a chain around the necks of law enforcement.

Legislators agree that more is needed to raise awareness levels and beef up security protocols for protecting users. Hong Kong’s recently introduced Stablecoin Bill and the EU’s Markets in Crypto-Assets (MiCA) framework are a great start, but vigilance, as always, remains the key.