Crypto hack losses in July 2025 rose sharply, hitting $142 million—a 27% increase over June—as 17 major incidents exposed ongoing vulnerabilities in both exchanges and DeFi protocols. The spike has raised alarms across the industry about security preparedness and the sophistication of recent attacks.
Blockchain analytics firm PeckShield reported that crypto losses from hacks and exploits reached $142 million in July, up from $111.6 million in June. That increase reflects not just a growing number of incidents but also larger individual losses.
India-based exchange CoinDCX suffered the largest theft, with $44.2 million stolen in a breach orchestrated via compromised credentials—allegedly involving an insider. A software engineer employed by CoinDCX was arrested after investigators traced the breach back to login misuse for freelance work.
Meanwhile, DeFi protocol GMX lost about $42 million in a re‑entrancy exploit. Fortunately, hackers later returned the funds through a white‑hat agreement, mitigating full impact.
Despite recoveries and law enforcement intervention, these events pushed net crypto crime losses in the first half of 2025 past $2.2 billion, exceeding all of 2024.
Security analysts note a shift toward targeting off‑chain infrastructure—such as employee systems and backend APIs—rather than on‑chain smart contract flaws. This reflects increased attacker sophistication and a focus on quick execution and anonymity.
The median loss per incident last month was around $90,000, with an average of $7.1 million per hack. Of the total $142 million lost, roughly $187 million was recovered through white‑hat agreements, law enforcement actions, and exchange reimbursements.
The spike in July’s hacking losses comes amid a strong market rally in crypto, as Bitcoin soared above $120,000 and ETH climbed by over 50% in July alone. Advanced prices may embolden bad actors, prompting higher-value thefts.
As these attacks grow more complex, experts warn that exchanges and protocols must invest heavily in both technical and procedural security. Measures like multi-signature wallets, off‑chain controls, employee training, and infrastructure audits are increasingly critical.
Security specialist Michael Behnke commented that attackers are pivoting toward off‑chain systems. “Rather than exploiting contract code, hackers are increasingly targeting backend infrastructure and operational procedures,” he said, highlighting the evolution of crypto security risk.
Looking Ahead
With half of 2025’s hack losses already exceeding 2024 totals, the rest of the year may bring tougher scrutiny. As regulatory frameworks evolve—like the U.S. GENIUS Act establishing clear stablecoin rules—regulators may now turn to security standards and exchange compliance in greater detail.
Market participants should monitor recovery efforts, litigation outcomes, and whether exchanges enhance insurance coverage or user guarantees. Technological fixes alone aren’t enough—security must become holistic.
Read Also: Hong Kong stablecoin licences delayed until early 2026
