Crypto Hacks Total $2.72B in 2025; Bybit $1.5B Ethereum Exploit Leads Losses

Published: 2025-12-31 20:49:22 |

Crypto hacks in 2025 reached a record $2.72 billion in losses, TRM Labs reports, driven by highly coordinated attacks against exchanges and DeFi. The largest incident was the February Bybit exploit — estimated at $1.4–$1.5 billion — in which North Korean-linked actors stole Ethereum and related tokens from multi-signature cold wallets after compromising a Safe developer’s laptop. Other major incidents included a Coinbase data breach (no funds taken; remediation costs up to $400 million), the Cetus Protocol smart-contract exploit on Sui (≈$223M lost, $162M recovered), a $90M hack of Iran’s Nobitex, a $70M drain of UPCX DeFi via a compromised private key, a $50M attack on BtcTurk, and a $36M Solana hot-wallet theft at Upbit. TRM attributes the surge to faster, better-coordinated attack chains and expanded North Korean IT schemes. Key trader takeaways: reinforce custody and developer-device security, expect heightened regulatory and compliance scrutiny, watch liquidity and exchange withdrawal suspensions after big breaches, and monitor sell pressure from stolen-token movements. Primary keywords: crypto hacks, Bybit hack, Ethereum exploit, DeFi security, exchange breaches. Secondary keywords: TRM Labs, Safe multi-sig, Coinbase breach, Cetus Protocol, North Korean hackers.

Bearish

A record $2.72B stolen, led by a $1.5B Ethereum theft from Bybit, raises immediate market risks. Large-scale hacks typically trigger short-term sell pressure as stolen tokens move and exchanges or platforms suspend withdrawals—reducing liquidity and increasing volatility. The Coinbase data breach and costly remediation further weaken investor confidence. In the near term, traders should expect risk-off behavior: downward pressure on major assets tied to hacked networks (notably ETH and tokens on affected chains), wider bid-ask spreads, and potential outflows from centralized venues to self-custody. Over the medium to long term, enforced security upgrades, insurance products, and regulatory scrutiny could restore confidence, but reputational damage and higher operational costs for exchanges may compress margins and slow institutional inflows. Historical parallels: large past exploits (e.g., Mt. Gox, PolyNetwork, Ronin/Lazarus-era incidents) caused immediate price dips and liquidity shocks, followed by gradual recovery once containment and recoveries were announced. Overall, the story is bearish for short-term market stability, while prompting structural improvements that could be neutral to modestly positive longer term.