The record-breaking increase in the volume of cyber thefts targeting the cryptocurrency sector during 2025 indicates a qualitative shift in the nature of cyber threats in terms of the number of incidents, structure, tools, and actors. Announced losses have exceeded $2.7 billion according to estimates from companies specializing in blockchain tracking, making this year the highest ever in terms of the volume of stolen digital assets.
This escalation cannot be isolated from the broader shifts in cyberspace, which is increasingly playing a role in reshaping the balance of power between attackers and defenders in a digital economy fundamentally based on technical trust.
Recent data reveals that attacks are no longer confined to stealing individual wallets or exploiting basic vulnerabilities. Instead, they are now targeting the deep structure of the cryptocurrency economy, from centralized trading platforms to decentralized finance (DeFi) protocols and Web3 technologies.
The breach of the “Bybit” platform and the theft of approximately $1.4 billion in cryptocurrencies clearly embodies this shift. It is not only the largest theft in the sector’s history but also reflects a high level of planning and systematic understanding of key management mechanisms, signature systems, and the platform’s operational structure. This indicates a transition of attacks from the logic of limited technical hacking to the logic of “financial cyber engineering” capable of striking the system’s own pivotal points.
The Impact of Artificial Intelligence
In this context, artificial intelligence stands out as a risk multiplier. Machine learning algorithms are now used to analyze smart contract source code and discover vulnerability patterns at speeds far exceeding traditional human auditing capabilities. They also allow for simulating platform behavior and testing multiple breach scenarios before an attack is actually executed.
Furthermore, AI-powered automation has accelerated the stages of reconnaissance, execution, and obfuscation, including laundering proceeds through complex networks of transactions. This occurs at a time when many cryptocurrency projects still rely on traditional defensive tools or security teams with limited resources, widening the gap between attackers’ and defenders’ capabilities.
Figures released by companies confirm the scale of this structural imbalance, estimating total thefts in 2025 at around $2.7 billion. This figure is not limited to breaches of major platforms but also includes thefts from individual digital wallets, indicating that the danger zone now extends across the entire chain, from infrastructure to the end-user.
A company specializing in Web3 security, which oversees a relevant database, confirms the same estimate for the scale of losses, reinforcing the reliability of these numbers and pointing to a recurring pattern rather than exceptional incidents.
This landscape is no longer confined to its narrow technical or economic framework but is taking on a geopolitical character with escalating danger, as cyber attacks on cryptocurrencies become an effective tool within undeclared international conflicts.
In this context, published data indicates that North Korea tops the list of the main beneficiaries of the recent wave of attacks.
Estimates suggest that hackers linked to North Korea seized at least $2 billion in cryptocurrencies in 2025 alone, raising the cumulative total to about $6 billion since 2017.
According to these estimates, the proceeds from these operations are used to fund North Korea’s nuclear program, which is subject to strict international sanctions. This makes cryptocurrencies an alternative strategic funding channel that allows circumventing the traditional financial system and international monitoring mechanisms.
In this sense, the blockchain economy is no longer just a space for financial innovation or high-risk investment. It has transformed into an advanced arena where cyber considerations intersect with national security calculations, and technology intertwines with geopolitics in an unprecedented manner.
Other prominent attacks during 2025 reflect the breadth and diversity of targeting: from the breach of the decentralized Cetus platform with losses of $223 million, to the attack on the Balancer protocol built on the Ethereum network with losses of $128 million, and the breach of the FameEX platform with the theft of over $73 million.
This diversity in targets—whether centralized or decentralized—points to a shared fragility in design and governance models,
