Crypto investors lost more than $ 2.1 billion due to pirates and exploits in the first half of 2025, marking the worst period of six months never recorded for cryptographic security and an indication of certain nation states intensifying their cyber campaigns in cryptographic space.
The 75 recorded incidents crossed the previous H1 from 2022 by around 10% and almost correspond to the entire total of 2024, said a TRM Labs report published on Friday. But the ascent of the alarm is to know who makes a large part of the flight.
Researchers say that groups related to North Korean are responsible for $ 1.6 billion, or 70% of all funds stolen this year.
At the center of the overvoltage is the hacking of $ 1.5 billion in February, which would have been carried out by North Korea, marking the largest flight of cryptography in history and biaoping the size of the average piracy of the year at $ 30 million – or doubles last year’s levels.
The threat is not limited to Pyongyang. On June 18, a group that would be linked to Israel, Gonjeshke Darande (Sparrow predator), stole $ 90 million in Iranian Nobitex exchange, apparently in retaliation for the alleged role of the platform in the escape of sanctions.
The stolen funds have been sent to the vanity addresses (which are not expendable by design and sent by the tokens are considered burnt), suggesting a political reason for profit.
Attack vectors quickly evolve. More than 80% of stolen funds came from violations in the infrastructure, including private key flights and before.
These attacks, often involving social engineering or access to the inities, are ten times more lucrative than the exploits of traditional intelligent contracts. DEFI vulnerabilities, including flash loans and reversal attacks, which were widespread in 2021-222, represented relatively 12% of losses.
Read more: North Korean pirates target the best crypto companies with malicious software hidden in employment applications
