Crypto Losses Hit $4B in 2025 as Scams and Centralized Attacks Surge

Blockchain security firm PeckShield reported that total crypto losses in 2025 reached $4.04 billion, a significant 34% rise from 2024. This staggering sum was split between $2.67 billion lost to hacks and $1.37 billion linked to scams. The growth in scam losses was particularly alarming, jumping roughly 64% year-on-year and outpacing the increase in direct protocol exploits. This indicates that while technical vulnerabilities remain, human factors are becoming a more lucrative target for attackers.

The data reveals that the issue was not just the frequency of scams but the scale of individual incidents. PeckShield highlighted that higher per-case losses were often tied to sophisticated, tailored phishing and impersonation campaigns designed to deceive high-value individuals. Meanwhile, the ecosystem recorded more than 200 distinct hack incidents throughout the year, excluding scams, underscoring the persistent technical threats facing the industry.

A critical trend identified by PeckShield was a fundamental change in attacker strategy. Instead of primarily targeting decentralized finance (DeFi) protocols, bad actors increasingly focused on centralized exchanges and large organizations. This shift proved devastatingly effective: centralized entities accounted for 75% of the total value stolen in 2025, a dramatic increase from 46% in 2024.

This strategic pivot was exemplified by the record-breaking $1.51 billion breach at cryptocurrency exchange Bybit in February 2025. PeckShield now ranks this as the largest single hack in crypto history. The FBI later attributed this attack to North Korea’s Lazarus Group, detailing their use of malware and social engineering to compromise Bybit’s cold wallets. The incident serves as a stark case study in the new era of high-value, centralized targeting.

In terms of blockchain targets, BNB Chain experienced the highest number of individual incidents. However, the Ethereum network accounted for the greatest dollar value lost, primarily due to the concentration of large, high-value targets operating on its ecosystem.

The movement and recovery of stolen funds painted a concerning picture. Tracked laundering linked to major exploits reached $1.49 billion in 2025, a 15% increase from the previous year, which PeckShield connected directly to the larger sums taken in individual heists. On a marginally positive note, authorities and security firms managed to recover or freeze approximately $334.9 million of stolen crypto.

However, this recovery rate represented a decline from the $488.5 million recovered in 2024. This suggests that the sheer scale and growing complexity of these thefts are beginning to outpace industry and law enforcement mitigation efforts. The lower recovery figure underscores the challenges in tracking and seizing assets once they enter sophisticated laundering networks.

The threat remains active and evolving. While a separate PeckShield report noted that losses from exploits fell to $76 million in December 2025—a 60% drop from November—the new year began with a major breach. On January 9, 2026, the Truebit protocol lost $26.5 million in an exploit, demonstrating the ongoing cycle of attacks. This pattern confirms that while monthly totals may fluctuate, the underlying threats from infrastructure vulnerabilities and personalized scams are persistent, structural challenges for the global crypto ecosystem.