The total losses from cryptocurrency hacks in the first quarter of 2025 amounted to more than $1.93 billion, distributed among 43 separate incidents. This is stated in a report by Global Ledger analysts, which they shared with Incrypted.
It is worth noting that in the first three months of 2025, almost as much money was stolen as in the whole of 2024 — $1.93 billion versus $1.94 billion.
According to the platform, contract exploits remain the main attack vector, accounting for 62.79% of cases (27 out of 43). These attacks caused the largest financial losses — $1.5 billion or 77.56% of all losses.
“Contract exploits remain the most persistent and lucrative attack method in the cryptocurrency environment,” the report says.
Compromised private keys are in second place (9 cases, $140 million in losses), followed by rug pull fraud schemes — there were only two of them, but they took $290 million (14.82%).
Centralized crypto exchanges (CEXs) suffered the largest losses, accounting for $1.54 billion, or 79.56% of total losses. This confirms that CEXs continue to be the primary targets for technically prepared attacks.
In comparison, other segments suffered the following losses:
- Tokens: $290 million (14.86%);
- DeFi, payment platforms, credit protocols: less than 5% of total losses;
- NFT, gaming, and metaverse: symbolic but reputationally sensitive targets.
In turn, $1.44 billion of the stolen funds (more than 74%) were attributed to North Korea. All other hacker groups combined stole only $0.45 billion, despite the higher number of attacks.
“This underscores the DPRK’s highly sophisticated, state-sponsored approach to hacking infrastructure for financial gain,” the experts said.
Despite the sanctions imposed by the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) in 2022, as well as numerous attempts at regulatory pressure, the Tornado Cash cryptomixer remained the most popular money laundering tool, used in 53.33% of all cases.
After the sanctions were lifted by a US court decision in 2024, its use only increased, which indicates the ineffectiveness of regulating immutable smart contracts.
In addition, the report indicates that an average of 43.83 hours elapse between hacking and public disclosure, and stolen funds reach their target addresses in less than 68 hours.
According to the Global Ledger, the stolen $1.55 billion remains unspent, creating opportunities for partial recovery and investigations.
We would like to remind you that scam tokens have helped fraudsters to gain more than $857.5 million amid the hype around the OFFICIAL TRUMP (TRUMP) memecoin.