The global cryptocurrency industry endured another turbulent year in 2025, with stolen digital assets surging to more than $3.4 billion, according to a new report by blockchain analytics firm Chainalysis.
The figure represents a sharp escalation in crypto-related crime and marks a 54 per cent year-on-year increase from the $2.2 billion stolen through hacks in 2024. Chainalysis attributes the rise not to a higher volume of attacks, but to fewer, far more devastating breaches that significantly amplified overall losses.
The report highlights a clear shift in the structure of crypto crime, characterised by large, outlier-driven incidents that now account for the bulk of stolen funds. Between January and early December 2025, a single breach alone was responsible for a substantial share of the total losses recorded.
Chief among these was the February 2025 hack of crypto exchange Bybit, which resulted in losses estimated at $1.5 billion, making it the largest individual crypto theft on record and a major driver of the year’s grim statistics.
Beyond the headline numbers, Chainalysis noted significant changes in how crypto thefts are being executed. Personal wallet compromises have risen sharply over the past three years, increasing from 7.3 per cent of total stolen value in 2022 to 44 per cent in 2024. In 2025, their share would have stood at 37 per cent were it not for the outsized impact of the Bybit attack.
The data further reveal that crypto thefts in 2025 were heavily concentrated. The ratio between the largest hack and the median theft exceeded the 1,000-times threshold for the first time, surpassing levels last seen during the 2021 bull market. Notably, the top three hacks alone accounted for 69 per cent of all losses linked to crypto services during the year.
According to Chainalysis, this growing concentration suggests that while the number of incidents may fluctuate, the financial impact of individual breaches is escalating at a much faster pace—raising systemic risk concerns for major platforms and service providers.
North Korea dominates crypto thefts
North Korea remained the most significant nation-state threat to the cryptocurrency ecosystem in 2025, despite a decline in the number of confirmed attacks attributed to the country.
Chainalysis estimates that hackers linked to the Democratic People’s Republic of Korea (DPRK) stole at least $2.02 billion in cryptocurrency during the year, representing a 51 per cent increase from 2024. These attacks accounted for a record 76 per cent of all service-related compromises in 2025.
Cumulatively, the lower-bound estimate of crypto stolen by DPRK-linked actors has now reached $6.75 billion. The report noted that North Korean hackers typically carry out fewer operations than other cybercriminals but focus on high-value targets, including large exchanges, custodians and Web3 firms.
The firm also observed a growing reliance on sophisticated social engineering tactics by DPRK-linked groups. These include embedding IT workers within crypto companies and impersonating recruiters, investors or acquisition partners to gain privileged access to internal systems.
“Once funds are stolen, DPRK-linked hackers follow distinctive laundering patterns,” Chainalysis said. “Unlike other cybercriminals who move funds in large on-chain tranches, North Korean actors typically split transactions into smaller amounts, with over 60 per cent of transfers below $500,000.”
The report added that these actors show a strong preference for Chinese-language money-laundering networks, cross-chain bridges and mixing services, while largely avoiding lending protocols, peer-to-peer exchanges and even some KYC-free platforms commonly used by other criminals.
Why It Matters
The crypto industry was jolted early in 2025 when Bybit disclosed that it had fallen victim to what it described as a “sophisticated attack,” resulting in the theft of Ethereum (ETH) valued at about $1.4 billion from one of its offline wallets.
The breach has since been described as the largest crypto heist in history, eclipsing previous high-profile attacks such as the $624 million Ronin Network hack and the $611 million Poly Network exploit, according to data from Web3 breach-tracking platform Rekt.
Chainalysis warned that unless security standards improve across exchanges, custodians and decentralised platforms, the rising scale of individual attacks could pose growing risks to confidence and stability across the global crypto ecosystem.
