During the first half of 2025, the damage from hacking and phishing scams in the cryptocurrency market exceeded approximately 2.954 trillion won (22 billion dollars), surpassing the total damage from last year. According to the latest report by blockchain security company CertiK, a total of 344 on-chain security incidents occurred from January to June this year.
In particular, wallet hacking recorded about 2.363 trillion won (17 billion dollars) out of the total damage, causing massive losses in just 34 incidents. Phishing scams caused damages of about 570 billion won (410 million dollars) across 132 incidents.
The largest hacking this year was the Bybit attack in February, where staked Ethereum-related wallets were attacked, resulting in approximately 2.085 trillion won (15 billion dollars) being stolen. In May, the Cetus Protocol was exposed to a smart contract vulnerability, suffering damages of about 313 billion won (225 million dollars). Fortunately, about 225 billion won (162 million dollars) was recovered through the cooperation of Sui validators.
Ethereum (ETH) was the most persistently targeted blockchain. Out of a total of 175 incidents, the damage on Ethereum-based platforms alone amounted to about 2.224 trillion won (16 billion dollars). In May, damages due to smart contract defects reached about 318 billion won (229 million dollars), a significant increase from April's 7 billion won (5 million dollars).
The report also emphasizes the increase in physical attacks. Over the past six months, 32 physical attacks including kidnapping, violence, and threats occurred, primarily in Europe. In France, a kidnapping attempt targeting the Paymium CEO's family was confirmed.
Nevertheless, assets worth about 260 billion won (187 million dollars) were recovered through collaboration between white hat hackers, investigative agencies, and exchanges. However, as attack methods become increasingly sophisticated and malicious, a global industry-wide joint response to strengthen security is urgently needed.
Experts pointed to private key management as the primary vulnerability. Cryptocurrency wallet private keys are often stored without encryption or concentrated under a single manager, creating a structural risk that provides hackers with an ideal attack opportunity.
The report warns that as the DeFi and Web3 ecosystem expands, security practices are not evolving accordingly, urging the industry to make systematic improvements.
Real-time news...Go to TokenPost Telegram
<Copyright ⓒ TokenPost, Unauthorized Reproduction and Redistribution Prohibited>
