Hackers stole $1.63 billion in cryptocurrency in the first quarter of 2025, a 131% increase from Q1 2024’s $706 million, according to blockchain security firms PeckShield and Immunefi. The biggest attack was on Bybit, which lost $1.46 billion, making up 92% of total losses. Phemex was also hit, with hackers stealing $69.1 million. Centralized exchanges accounted for 94% of all stolen funds, a shift from previous years when decentralized finance (DeFi) platforms were the main targets.
February was the worst month, with $1.53 billion lost, mostly due to the Bybit breach. Other incidents in February included a $50 million attack on Infini, a $9.5 million hack on zkLend, and an $8.5 million exploit on Ionic. January saw $87 million in losses, significantly lower than the following month.
March recorded 20 hacks, but total losses fell 97% from February, with $33.46 million stolen. The biggest attack was a $13 million exploit on Abracadabra.Money on March 25, where 6,260 ETH was drained. Another major breach happened on March 21, when $8.4 million was stolen from Zoth, a real-world asset restaking protocol. The attacker converted the stolen funds into stablecoins before transferring them elsewhere. March also saw an $8.32 million attack on zkLend, continuing a trend of threats targeting DeFi lending platforms.
Despite the high number of attacks, some stolen funds were returned. On March 7, a hacker who stole $5 million from decentralized exchange 1inch sent back 90% of the funds after the platform offered a 10% bounty in exchange.
Binance’s BNB Chain was the most targeted blockchain, recording 19 separate hacks, followed by Ethereum with 15. Analysts believe hackers are focusing on larger blockchain networks because of their high transaction volume and liquidity.
Security experts have suggested that state-backed actors may have been involved in the Bybit and Phemex breaches. While no government entity has been officially linked to the attacks, the scale and sophistication of these incidents point to well-resourced groups with advanced hacking capabilities.
With centralized exchanges now the primary targets of crypto hacks, the industry is under pressure to strengthen security measures. Traditional security tools are proving inadequate as attackers find new ways to bypass protections. The losses from Q1 2025 mark a historic high, raising concerns about the growing threat to digital assets.