Key Takeaways
- The biggest crypto hacks of 2025 recorded over $2 billion in stolen assets, with Bybit’s massive $1.46 billion breach leading the year.
- Attackers exploited coding flaws, phishing campaigns, and private key vulnerabilities across major exchanges, DeFi protocols, and wallet services.
- Each breach highlighted gaps in audits, user education, and regulatory consistency, showing clear patterns that attackers continue to exploit.
- Industry efforts focus on audits, layered defenses, bug bounties, and global collaboration to strengthen digital asset resilience against future hacks.
2025 has left its mark on digital assets. Headlines have carried stories of billion-dollar breaches, crypto exchanges scrambling for recovery, and investors questioning their trust in platforms they once relied on. The scale of what has happened so far is unlike anything recorded before, and the numbers behind these incidents are staggering.
Several attacks were precise and technical; others relied on tricking people, and many caught victims completely off guard. Each one tells a story of how vulnerabilities are discovered, exploited, and paid for.
The details behind these events reveal how the future of security is being tested every single day.
10 Biggest Crypto Hacks of 2025
| Hack Name | Company or Entity Affected | Hacker (If Known) | Value |
|---|---|---|---|
| Bybit Exchange Breach | Bybit | Unknown | $1.46 Billion |
| Nobitex Hack | Nobitex (Iran) | Predatory Sparrow (claimed) | $90 Million |
| Coinbase Support Exploit | Coinbase | Unknown | ~$400 Million |
| Balancer v2 Exploit | Balancer | Unknown | $129 Million |
| UPCX Exploit | UPCX | Unknown | $70 Million |
| Upbit Exchange Breach | Upbit | Unknown | $34 Million |
| Zoth Exploit | Zoth | Unknown | $8.4 Million |
| WEMIX Breach | WEMIX | Unknown | $6.1 Million |
| BigONE Supply Chain Attack | BigONE | Unknown | $27 Million |
| CoinDCX Hack | CoinDCX | Unknown | $44 Million |
Bybit Exchange Breach – Bybit – $1.46 Billion
The Bybit hack became one of the largest crypto thefts ever recorded. Attackers infiltrated their systems and drained funds across multiple tokens. Forensics suggest a sophisticated breach that combined technical exploits with weaknesses in internal controls. The company faced immediate liquidity challenges while trying to rebuild trust with users. This single incident alone accounted for nearly three-quarters of all stolen assets in early 2025.
Investigators believe the attackers used a combination of compromised credentials and technical vulnerabilities. Bybit committed to improving cold storage security and monitoring systems. The event has already influenced discussions on regulatory oversight and insurance for centralized exchanges worldwide.
Is Bybit safe? Explore Webopedia’s Bybit Review 2025 to learn more.
Nobitex Hack – Nobitex – $90 Million
Nobitex, the largest Iranian exchange, confirmed that hackers removed $90 million from user accounts. A hacker group named Predatory Sparrow claimed responsibility, stating that political motives influenced the attack. The loss weakened trading volumes across the region, and users began moving funds to offline storage in response.
The breach highlighted how geopolitical tensions can spill into the crypto market. Nobitex temporarily suspended services, creating frustration among users who depended on it for liquidity. The incident also revealed how exchanges in restrictive environments face unique risks due to limited access to international security partners and slower patching of vulnerabilities.
Coinbase Support Exploit – Coinbase – ~$400 Million
Coinbase suffered a major exploit involving its customer support systems. Attackers used social engineering and possible insider access to compromise accounts. Losses mounted quickly as private keys and access credentials were exposed. While the company reimbursed users, the breach highlighted vulnerabilities in human-operated processes.
The case illustrated that even industry leaders are not immune to traditional attack vectors. Phishing, impersonation, and manipulation of employees can bypass even the most advanced cryptographic safeguards. Coinbase responded with stricter internal protocols and more robust monitoring of account activities. The hack also underscored the importance of employee training and layered defense mechanisms.
Balancer v2 Exploit – Balancer – $129 Million
The Balancer protocol suffered a critical exploit in November 2025 that resulted in the loss of approximately $129 million. Attackers targeted the v2 composable stable pools, leveraging a rounding error vulnerability to manipulate exchange rates and drain assets across multiple chains, including Ethereum and Arbitrum. The incident shocked the DeFi community, as Balancer is considered a veteran protocol with a long history of security, yet this dormant bug went undetected for years.
Technical analysis revealed that the attackers utilized a sophisticated loop of deposits and withdrawals to exploit the mathematical flaw in the pool’s accounting logic. In response, the Balancer team paused the affected pools and coordinated with security partners to freeze stolen assets, eventually recovering a portion of the funds.
UPCX Exploit – UPCX – $70 Million
The UPCX platform lost $70 million when attackers exploited weaknesses in its token contracts. The breach focused on protocol-level vulnerabilities that allowed unauthorized withdrawals. Developers paused operations, and users faced extended downtime while fixes were deployed.
The exploit drew attention to how smaller protocols often cut corners in security testing to launch quickly. While UPCX worked transparently with the community after the incident, the damage had already shaken investor confidence. The platform’s case reinforced the need for mandatory third-party reviews before projects expose tokens to the public.
Upbit Exchange Breach – Upbit – $34 Million
South Korea’s largest cryptocurrency exchange, Upbit, fell victim to a targeted security breach in November 2025, resulting in the theft of roughly $34 million (44.5 billion won). The attack specifically targeted the exchange’s hot wallets, allowing hackers to siphon funds before security systems could intervene. While the financial impact was significant, Upbit acted quickly to cover the losses from its own corporate reserves, ensuring that no customer balances were permanently affected.
The incident underscored the persistent threats facing centralized exchanges, particularly in the Asian market, which has been a frequent target for advanced persistent threats (APTs). Following the breach, Upbit suspended deposits and withdrawals for affected assets like Solana and migrated remaining funds to cold storage.
Zoth Exploit – Zoth – $8.4 Million
Zoth, a restaking protocol linked to real-world asset structures, lost $8.4 million in digital assets. Attackers manipulated transaction flows and extracted funds before developers noticed anomalies. The project communicated openly about the breach, but users questioned the resilience of newer restaking models.
The loss showed how experimental financial instruments can attract risk. Complex systems connecting off-chain and on-chain assets create new attack surfaces. Zoth developers promised stricter testing and introduced bug bounty programs to incentivize early discovery of vulnerabilities. Investors and analysts view this case as a cautionary tale for restaking experiments.
WEMIX Breach – WEMIX – $6.1 Million
The WEMIX ecosystem, known for blockchain gaming and NFT infrastructure, saw attackers extract over $6 million. Investigators pointed to flaws in smart contract code and weak external checks. The hack disrupted ongoing game economies and forced developers to rewrite contract layers.
For players and creators, the breach created a ripple effect that extended beyond financial loss. Game assets tied to real money lost value overnight, impacting trust in blockchain-based gaming. WEMIX has since doubled investment in contract audits and pledged compensation plans to repair confidence among users.
BigONE Supply Chain Attack – BigONE – $27 Million
BigONE exchange suffered a $27 million loss after attackers injected malicious code into third-party software tools. The supply chain approach allowed them to bypass traditional defenses.
Supply chain attacks show how modern systems depend on many interlinked components. Even when direct defenses are strong, third-party integrations create unexpected risks. BigONE responded by reducing reliance on external vendors and creating new monitoring layers.
CoinDCX Hack – CoinDCX – $44 Million
CoinDCX, a leading Indian exchange, lost $44 million after attackers gained unauthorized access to internal treasury accounts. Investigations suggested phishing and internal credential misuse as possible entry points. The company responded with enhanced multi-factor protections and system audits.
The attack shook confidence in India’s growing digital asset industry. Regulators began asking for stricter reporting standards and security disclosures from exchanges. CoinDCX communicated regularly with its users and worked to restore full service. The event reminded many that internal systems can be as vulnerable as external-facing platforms.
Is There a Solution to Crypto Hacks?
Crypto security has advanced, yet the scale of breaches in 2025 shows how much work remains.
- Developers are investing in rigorous code audits and live monitoring tools that identify flaws before attackers exploit them.
- Exchanges are experimenting with layered defenses, combining multi-factor authentication with hardware isolation for private keys.
- Insurance options are also emerging, giving users partial protection, though coverage remains narrow.
- Education has become a priority, with platforms training people to spot phishing and suspicious prompts that often open the door to intruders.
Stronger security will depend on industry-wide collaboration. Regulators, developers, exchanges, and auditors are beginning to align efforts. Current discussions highlight several strategies:
- Shared threat databases where firms record and compare new attack methods.
- Bug bounty programs that reward ethical hackers for exposing weaknesses.
- Interactive training tools that guide users through real-world attack simulations.
- Layered defense systems mixing biometric checks, cold storage, and active monitoring.
- Global regulatory cooperation that enforces uniform standards and quicker responses.
Closing Thoughts
The scale of losses in 2025 reveals more than numbers on a ledger. Each attack tells a story of ingenuity misused, defenses tested, and lessons learned at a steep cost. The Bybit breach alone reshaped how exchanges view exposure, while smaller incidents showed that even niche projects face relentless probing from attackers.
The conclusion is simple. Progress will come from cooperation, sharper tools, and a culture of responsibility. Each improvement builds resilience, giving participants more confidence that digital assets can thrive in safer conditions.
