- Over $ 1.5 billion in crypto were lost in scams and theft in the first quarter of 2025, said the report
- Most of the funds have been lost in piracy of Bybit
- The portfolio compromise is the most common way for people to lose their crypto
Regarding scams and theft, the crypto has not had an excellent year so far. Just in the first quarter of the year, pirates stole more than $ 1.67 billion out of 197 security incidents. This is according to a new report published by Blockchain Cybersecurity Pros Certik.
The Hack3D Q1 2025 report indicates that the figure represents an increase of 303.38% of the value compared to the previous quarter. Throughout the industry, the average loss per incident was $ 9,549,339, said Certik, while the median loss per incident was $ 66,303.
The total value of the returned funds was $ 6,390,698, resulting in total adjusted losses of $ 1,662,600 186 for the quarter. Unfortunately, only 0.4% of stolen funds were returned to customers, but it is essentially that the blockchain works, because most of the transactions are irreversible.
Awakening
Without a broader context, these figures could be a little misleading, however. Almost all the stolen money came across a single incident – bybt’s hacking at the end of February 2025.
Bybit, a great exchange of cryptocurrency, lost $ 1.5 billion in Ethereum, in an attack which was attributed to the Lazare group sponsored by the state of North Korea. The pirates infiltrated the infrastructure of Safe {Wallet}, injecting a malicious javascript which deceived the Bybit security team by approving the unauthorized transactions.
Lazare is one of the most infamous threats in the world, deployment of huge state resources to steal cryptocurrencies, which are then used to finance the government’s state apparatus and its weapons program.
“Pirates use increasingly sophisticated techniques, and it is now more important than ever for blockchain businesses and projects to invest proactively in robust security measures,” said Certik, Rongui Gu. The violation of the appeal is an alarm signal for the entire industry. Security is not just a competitive advantage – it is a shared responsibility. »»
The most expensive attack vector is portfolio compromise, followed by a private key compromise, code vulnerability and phishing.
