Nearly $3 Billion Lost In 200 Crypto Security Incidents In 2025 – With Bybit Alone Losing $1.5 Billion

• SlowMist reported 200 major security incidents that cost $2.94 billion, fewer than in 2024 but more damaging.
• DeFi was most targeted, but centralized platforms lost the most, led by Bybit's $1.5B hack, the largest crypto theft ever.
• Rising social engineering and account takeovers, with only 13% of stolen funds recovered, raised security concerns for 2026.

The blockchain industry lost nearly $3 billion to security incidents in 2025, according to a security report released by blockchain security firm SlowMist. 

The SlowMist report stated that roughly 200 major incidents in 2025 resulted in estimated losses of about $2.94 billion, reflecting a shift toward fewer but significantly more damaging attacks, including phishing, social engineering, and Ponzi schemes. 

SlowMist’s Hacked archive shows that while the number of reported incidents fell sharply from 410 in 2024 to 200 in 2025, total losses rose about 46% year over year from roughly $2.01 billion. The firm noted that figures are based on token prices at the time of each incident and exclude undisclosed cases and many retail losses, meaning actual damage is likely higher 

DeFi Was The Favorite Target

Decentralized finance (DeFi) remained the most frequently attacked sector, accounting for 126 incidents, or about 63% of all cases, with losses of roughly $649 million. Centralized trading platforms, however, suffered the most considerable financial damage. With 12 incidents, trading platforms suffered the largest financial damage in 2025, with combined losses of about $1.81 billion, according to SlowMist. 

A notable hack was Cetus Protocol, a Sui ecosystem liquidity provider, which was suspected of an attack. Liquidity decreased significantly across multiple pools, and prices of several token trading pairs on the platform dropped significantly. 

Sui (SUI) was trading at $1.44, down 0.9% over the past day. On Stocktwits, retail sentiment around Sui remained in ‘bearish’ territory, with ‘low’ levels of chatter over the past day. 

Much of that total stemmed from a single breach at the crypto exchange Bybit, where hackers stole roughly $1.5 billion, which CNBC described as the “largest crypto heist on record,” earlier this year. 

Phishing And Account Takeovers Became The Go-To Play

While contract flaws remained a key cause of losses, attackers increasingly focused on social manipulation. SlowMist data shows that hijacked X accounts were involved in 48 incidents, as phishing attacks shifted toward tricking users into approving transactions or downloading malware, enabling theft without exploiting blockchain code.

Higher Stakes for Crypto Firms

Despite stricter enforcement, just 13% of stolen funds were recovered or frozen in 2025, SlowMist said. With attacks growing more organized and regulators tightening oversight, security and compliance are emerging as minimum operating standards rather than competitive differentiators for crypto firms heading into 2026.

Read also: Will Crypto Thrive In 2026? Coinbase Exec Flags Market Structure As The Big Question

For updates and corrections, email newsroom[at]stocktwits[dot]com

Share

·

Add us on