Crypto Exchange Hacks and Security Statistics 2025 • SQ Magazine

The crypto-asset industry is facing a mounting security test as exchange hacks and protocol breaches continue to draw headlines. From institutional players defending against large-scale exploits to retail users under threat of phishing and wallet compromise, the ripple effects affect both operational risk and trust. In the banking sector, a major platform’s cold-wallet breach can prompt withdrawal freezes and reputational damage; meanwhile, in the retail world, phishing campaigns targeting everyday investors are draining millions. Let’s explore the full article for detailed statistics and actionable insights.

Editor’s Choice

$1.63 billion stolen in hacks in Q1 2025, a rise of ~131% year-over-year.
$2.47 billion+ lost to crypto hacks, exploits, and scams in the first half of 2025.
~34 incidents of wallet compromises in H1 2025, resulting in $1.7 billion in losses.
Only ≈4.2% of stolen crypto assets were recovered in H1 2025.
A single breach at Bybit (≈$1.5 billion) made up the majority of losses in early 2025.
In 2024, total stolen funds from crypto platforms were ~$2.2 billion, up ~21% from 2023.

Recent Developments in Exchange Security

The Bybit hack in February 2025 drained $1.5 billion in crypto, the largest single exchange theft ever recorded.
Total exchange-related losses in Q1 2025 hit $1.63 billion across 39 incidents, marking a 390% increase year-over-year.
Over 80% of 2025’s exploits targeted hot wallets, largely due to poor segmentation and key mismanagement.
Stolen crypto from exchanges now moves between chains at premiums of up to 14.5x normal transaction costs to evade tracing.
The Lazarus Group was linked to both Bybit’s $1.5B and DMM Bitcoin’s $320M hacks, showing continued state-level targeting.
Cross-chain laundering has made recovery nearly impossible, with stolen assets often vanishing within minutes of the exploit.
Real-time monitoring and cosigner validation tools like Chainalysis Hexagate are now used by leading exchanges for proactive defense.
Exchange-focused hacks rose 17% year-over-year, surpassing any year since 2022 in total stolen value.
Insurance providers have tightened coverage terms and raised premiums by 25–30% for crypto custodians after Q1 2025 attacks.

Bitcoin ATM Growth by Region

Global: Installations rose from 37,722 to 38,726 (+1,004 or +2.7% growth in H1 2025).
Europe: Increased from 1,652 to 1,801 ATMs (+149 or +9.0%), boosted by broader EU adoption.
USA: Grew from 30,119 to 30,447 ATMs (+328 or +1.1%), maintaining market dominance.
Canada: Added 245 ATMs to reach 3,621, showing a +7.3% year-to-date increase.
Australia: Surged from 1,385 to 1,876 ATMs (+491 or +35.5%), marking the fastest regional growth in 2025.

High-Profile Crypto Exchange Hacks

Bybit, ~$1.5 billion stolen in February 2025, the largest crypto exchange hack on record.
A second major incident, ~$225 million stolen from the protocol on the Sui blockchain in May 2025.
In July 2025, multiple exchanges, including Bybit, BigONE, and CoinDCX, lost ~$1.5 billion in combined breaches.
The hacker group attributed to many high-profile incidents is the Lazarus Group (linked to North Korea).
Some breaches exploited third-party provider vulnerabilities, not just exchange code.
Platforms affected often paused withdrawals and reimbursed users, affecting market confidence.
Even successful recovery efforts (in a few cases) diverted funds from other services and investors, amplifying damage.

DeFi Hacks and Protocol Vulnerabilities

Total losses to the top 100 DeFi hacks (2014-2024) reached $10.77 billion.
In June 2025 alone, there were four DeFi hacks over $1 million each, totalling ~$112 million in losses.
In July 2025, the number of hacks jumped to seven incidents ≥ $1 million, with ~$134 million stolen.
In H1 2025, total crypto losses (including DeFi and CEX) exceeded $3.1 billion, already surpassing many annual totals of previous years.
Smart-contract input verification and validation bugs accounted for ~34.6 % of protocol exploit cases.
Flash-loan oracles and bridge vulnerabilities have emerged as frequent vectors in DeFi attacks.
DeFi hacks increasingly target emerging chains and gaming or Layer-2 protocols as attackers move beyond major blockchains.
Thousands of new smart contracts (≈6.2 million in Q1 2025) raised the attack surface for protocols.
DeFi user funds remain especially at risk when governance or upgrade mechanisms are weak.

Largest Crypto Exchange Hacks by Amount Stolen

Bybit: Largest crypto hack ever with $1.5 billion stolen in 2025, marking the year’s most devastating breach.
Poly Network: Lost $611 million, exposing risks in cross-chain bridge protocols.
BSC Token Hub: Hacked for $582 million, revealing DeFi interoperability weaknesses.
Ronin Network: Suffered a $540 million loss from the Axie Infinity exploit in the gaming blockchain.
Coincheck: Breached for $532 million, one of Japan’s biggest crypto security incidents.
FTX: Lost $482 million in assets during its collapse amid internal and external failures.
Mt. Gox: Early crypto hack totaling $470 million, shaping future exchange security awareness.
DMM: Attacked for $325 million, showing vulnerabilities in centralized exchange wallets.
Wormhole: Lost $308 million in a major DeFi bridge exploit, exposing smart contract flaws.

Types of Cryptocurrency Hacks

Wallet compromise, users lose funds when private keys or seed phrases are stolen, ~$1.7 billion in losses in H1 2025.
There were ~132 crypto phishing incidents in H1 2025, with wallet drainers responsible for ~$500 million in losses and phishing breach costs averaging $4.88 million per incident.
An exchange infrastructure exploit, e.g., a cold-wallet breach at Bybit, drained ~$1.5 billion.
Smart-contract exploits, DeFi protocols, or bridges with code bugs allow attackers to drain funds.
Cross-chain or bridge hacks, vulnerabilities in bridging logic have led to multi-billion-dollar losses historically.
API & credential brute-force, attackers exploit weak credentials to initiate unauthorized withdrawals.
Malware & fake wallet apps, attackers trick users into installing malicious wallets or browser extensions.

Hacks of Centralized Exchanges

In the first half of 2025 (H1), centralized exchanges suffered ≈ $1.88 billion in losses from just 11 incidents, showing that large-scale breaches remain highly concentrated.
Centralized platforms accounted for roughly 79 % of all reported platform breaches during H1 2025, making them primary targets for attackers.
The single biggest exchange hack to date, the Bybit breach (~$1.5 billion in February 2025) underscored the systemic risk in CEX infrastructure.
In Q2 2025, while the number of hacking incidents declined by ~52% compared to Q1, total lost value still remained elevated, indicating fewer but larger events.
Many attacks against CEXs exploited access-control failures (59% of losses in some reports) over traditional cryptographic flaws.
Some hacks involved compromised third-party wallet or custody providers rather than the exchange’s core code.
Recovery rates remain low; only a small percentage of stolen assets from CEX incidents are traced and returned.
Withdrawal freezes and reputational damage from CEX hacks often lead to user flight and platform downgrades in trust.
Regulatory scrutiny on CEX governance and reserve collateral models has intensified following these large breaches.
Institutional custodians and insurers are raising minimum security requirements for exchanges to underwrite risk.

Overview of Crypto Exchange Hacks

$2.37 billion lost to crypto hacks in H1 2025, up 66% from H1 2024.
Centralized exchanges made up 79% of all breaches, remaining the top hacker targets.
DeFi attacks rose 44%, driven by smart contract vulnerabilities.
Phishing caused 48% of breaches, the leading social engineering threat.
Malware intrusions increased 26%, mainly impacting smaller exchanges.
SIM-swapping accounted for 19% of major hacks, showing weak SMS authentication.
63% of exchanges raised cybersecurity budgets, yet 31% still faced at least one breach in 2025.

Security Incident Statistics

In H1 2025, the crypto industry saw over $2.17 billion stolen from exchanges and related services, already exceeding full-year 2024 totals.
Q3 2025 alone recorded ~$306.7 million lost in hacks, bringing year-to-date losses to approximately $2.55 billion.
Service-platform thefts remain dominant, but personal wallet and phishing losses now represent ~23.4% of stolen value in 2025 YTD.
Average laundering multiplier (cost to move stolen funds) has risen to ~14.5× in 2025, up from ~2.6× in 2021.
Among major hacks, one incident of ~$1.5 billion at a prominent exchange accounts for the majority of 2025 losses.
Illicit volume as a share of total crypto volume remains under 1%, but the absolute dollar value is trending upward.
In H1 2025, victims in regions including the U.S., Germany, Russia, Canada, Japan, and Indonesia saw rapid growth in losses.
Wallet-compromise incidents showed growing numbers and sophistication, with more funds left on-chain rather than immediately laundered.

Wallet Hacks and Social Engineering

Over $2.17 billion in crypto was stolen globally in H1 2025, mostly from wallet compromises and exchange breaches.
Personal wallet attacks made up 23.3% of total crypto thefts in early 2025, up from just 12% in 2023.
In Q1 2025, the Anti-Phishing Working Group (APWG) recorded ~1 million phishing attacks—one of the highest quarterly counts, but not all targeted crypto specifically.
Social-engineering scams accounted for about $300 million in user losses annually across major crypto exchanges.
Hackers linked to North Korea stole over $2 billion in crypto assets in 2025, a new yearly record.
AI-driven crypto scams fueled over $3.01 billion in theft globally in the first half of 2025 alone.
Voice-phishing and deepfake scams surged 442% in 2025, resulting in $40 billion in global fraud losses.
Financial fraud using deepfakes caused over $200 million in losses in just Q1 2025.
60% of reported cyber breaches in 2025 involved the human element, primarily social-engineering vectors.

Hacks of Centralized Exchanges

Hot wallet breaches caused 82% of all CEX losses over the past five years, remaining the top threat.
API vulnerabilities made up 17% of 2025 hacks, exposing user data and transaction flows.
Unauthorized access was involved in 29% of breaches due to weak passwords and poor 2FA use.
Internal fraud and collusion drove 11% of CEX attacks, showing insider risk gaps.
Unregulated exchanges faced major breaches in 43% of cases, proving compliance importance.
DDoS and server-side attacks rarely caused losses, but heavily damaged user trust.
Average detection time for CEX hacks in 2025 is 68 hours, with quicker responses limiting losses.

Governmental Efforts Against Crypto Threats

Over 75% of global jurisdictions are still only partially compliant with the FATF crypto asset standards as of 2025.
The GENIUS Act, signed in July 2025, officially defined stablecoins and mandated 1:1 backing by liquid assets like U.S. dollars or Treasuries.
85% of U.S. law enforcement agencies now use blockchain forensics and analytics tools in crypto investigations, up from 55% in 2020.
Governments worldwide have frozen over $1 billion in crypto assets through forensic-led interventions in 2025.
Global AML and CFT enforcement tied to crypto increased by 41% year-over-year in 2025, tightening reporting requirements.
The U.S. is leading the shift toward crypto compliance, with more than 30 state-level bills introduced in 2025 addressing virtual assets.
Cross-border regulatory collaboration surged, with 120+ countries now participating in shared blockchain intelligence frameworks.
PwC reports that 2025 marks the first year in which stablecoin oversight became a top-three regulatory focus globally.
Blockchain intelligence has become a standard capability across national regulators, adopted by 70% of G20 governments in 2025.

Exchange Rankings by Volume

The top crypto exchanges by volume include Binance, Bybit, Crypto.com Exchange, Gate.io, and MEXC.
In Q3 2025, Binance reportedly held ~42.3% of the global spot-trading market share.
MEXC held ~8.6% market share in July 2025 among centralized exchanges, placing second behind Binance.
The top 10 centralized exchanges accounted for ~90.76% of the total global exchange market in 2024.
Derivatives volume is shifting; for example, OKX’s derivatives volume surpassed $1.3 trillion in September 2025, overtaking Binance temporarily.
Rankings reflect not only volume but user base. In July 2025, the top six exchanges, including Binance, Crypto.com, Kraken, Bybit, LBank, and OKX, were selected based on security measures and features.
Median daily trading volume for Binance in 2025 is estimated at ~$16.29 billion, far ahead of the next-tier platforms.
A number of mid-tier exchanges saw volume declines in Q2 2025; for example, six out of the top 10 platforms recorded double-digit percentage drops.

Trading Volume Statistics

Global crypto trading volume reached ~$9.36 trillion in H1 2025—the strongest period since 2021.
Spot-trading segments were dominant, with projections indicating exchange market revenue for 2025 between $54-71 billion.
In Q2 2025, the top 10 exchanges saw combined trading volume drop ~27.7% (≈ $1.5 trillion) compared to Q1.
The crypto exchange market revenue in 2024 was ~$50 billion, and 2025 is expected to grow by ~20–30% given increased institutional adoption.
North America accounted for 40.20% of the global crypto exchange market in 2024 (~$9.95 billion).
Spot trading made up ~58.86% of the 2024 exchange market ($14.57 billion of total), with derivatives growing fastest thereafter.
The number of listed spot crypto exchanges exceeded 248 by 2025, though only around 200–220 are consistently active.
The global crypto market cap hovered around $2.7 trillion in mid-2025, down from late-2024 highs near ~$4 trillion.
Daily median volumes on leading platforms remain in the tens of billions of dollars, enabling high liquidity and narrow spreads.

User Base and Adoption Statistics

As of 2024, the global crypto user count is ~560–659 million and projected to surpass 950 million by the end of 2025.
Global crypto ownership rate is 6.8% (2024, Triple-A), with 560–659 million owners; the user base could reach 950 million by late 2025.
In the U.S., the adoption rate rose from ~20% in 2024 to ~22% in 2025.
Among U.S. crypto owners in 2025, ~39% held crypto ETFs.
Millennials and Gen Z globally reported ~50% ownership of crypto or previous ownership.
In 2025, ~51% of crypto users identified as long-term investors, while ~26% identified as short-term traders.
Women’s participation in crypto trading increased significantly in 2025, though exact volatility-adjusted growth figures vary.
In a survey, crypto wallet usage across multiple countries saw strong growth, particularly in emerging economies.

Geographic Distribution of Users

India and the United States lead worldwide adoption scores.
Turkey leads in per-capita adoption among major economies, ~25.6% of its internet population owns crypto.
Brazil (~20.6%) and South Africa (~19.6%) register high adoption among large emerging markets.
Japan (~5.0%), Germany (~8.9%), and France (~7.2%) lag in share despite mature financial systems.
The top 10 countries account for ~39.35% of all global crypto users, roughly 338.8 million users.
North America remained the largest regional market for crypto exchanges (~40.2% market share in 2024), but Asia-Pacific is growing fastest.

Frequently Asked Questions (FAQs)

How much has been stolen from cryptocurrency services in the first half of 2025?

More than $2.17 billion was stolen in the first half of 2025, already exceeding the total for all of 2024.

How many security incidents were recorded in the crypto sector for H1 2025?

There were around 344 security incidents involving cryptocurrency theft in H1 2025.

What share of the total H1 2025 losses were due to wallet-compromise events?

There were ~34 major wallet-compromise incidents in H1 2025, resulting in ~$1.7 billion losses; wallet drainer scams alone drained nearly $500 million in 2024.

How large was the single biggest hack of a crypto exchange in 2025, and what percentage of 2025’s losses did it represent?

The largest single hack involved about $1.5 billion, accounting for nearly 70% of all funds stolen in services during the period.

Conclusion

The crypto exchange ecosystem is operating under a dual narrative, on one side, record trading volumes and rising user adoption, and on the other side, escalating security incidents, especially among major exchanges and centralized platforms. As the industry matures, the balance between growth and protection is becoming increasingly difficult. Enterprises and retail users alike face heightened risk from hacks, phishing and smart-contract exploits.

Meanwhile, regulators are responding with significant legislative and supervisory developments in jurisdictions such as the U.S. The takeaway is clear: security and governance will matter as much as innovation, and only those exchanges and protocols that build trust and resilience will thrive. Investors and platform operators should keep these statistics in mind when deciding where to trade, build or custody digital assets. We invite you to explore the full article to dive deeper into these trends and their implications.