The cryptocurrency world has faced a tough start to 2025. According to a new report from blockchain security company Immunefi, users have already lost over $1.7 billion to hacks and fraud, and it’s only April. That’s already more than the $1.49 billion total in crypto losses recorded in all of 2024.
Crypto has become more accepted, with big investors joining the market and even a crypto-friendly president now in the White House. But this growth has also attracted more cybercriminals, and they’ve been quick to take advantage.
The Bybit Hack: The Largest Crypto Theft in History
The biggest reason for the huge jump in crypto losses this year is one major incident: a $1.4 billion hack at crypto exchange Bybit.
In February 2025, hackers broke into Bybit’s system during a routine transfer between its cold wallets (offline) and warm wallets (online). They managed to steal a massive amount of Ethereum and Ethereum-based assets.
According to reports, the FBI believes this Bybit hack was carried out by North Korea’s Lazarus Group, a well-known cybercrime group that has targeted the crypto world before. This theft is now considered the largest hack in the history of cryptocurrency.
This single event made up most of the crypto losses so far in 2025, and it sent shockwaves throughout the industry.
April Sees $92 Million in DeFi Attacks
While the Bybit hack was the biggest, other attacks continue to happen, especially in the DeFi space, contributing significantly to overall crypto losses.
DeFi, short for decentralized finance, is a part of crypto where apps try to copy traditional banking services, like lending or trading, but without central control. These platforms use smart contracts, which are automated pieces of code. But they are still very new and often not secure enough.
In April 2025 alone, hackers stole $92.4 million across 15 DeFi hacks, according to Immunefi.
Here are two of the biggest DeFi hacks from April:
UPCX – $70 Million Loss
UPCX is an open-source DeFi platform focused on digital payments.
In early April, hackers attacked UPCX and stole 18.4 million UPC tokens, worth $70 million.
The attack happened because the platform had weak access controls, making it easy for hackers to take the tokens and move them to other wallets.
KiloEx – $7.5 Million Loss
KiloEx is a decentralized exchange where users trade perpetual futures (a type of crypto derivative).
- Two weeks after the UPCX hack, KiloEx was also attacked.
- Hackers manipulated KiloEx’s price oracle, which feeds pricing data to the platform. This allowed them to steal $7.5 million.
- In a surprising twist, the hacker later returned $5.5 million just four days after the attack.
These attacks show how vulnerable some DeFi projects still are. Even small mistakes in the code or weak security can lead to huge crypto losses.
Ethereum and BNB Chain Are Prime Targets
Immunefi’s report also found that most of these attacks are happening on two major blockchains:
- Ethereum
- BNB Chain
Together, these two networks accounted for about 60% of all crypto losses so far this year. This is likely because they host the largest number of DeFi projects, giving hackers more targets.
While Ethereum is the most popular platform for DeFi and NFTs, BNB Chain has grown fast due to its low fees. But both platforms are facing increasing pressure to improve their security standards to prevent further crypto losses.
Why Is This Happening?
There are a few big reasons why losses are growing in 2025:
- More Money in Crypto: As crypto becomes more popular, there is more money in the system, so it becomes a bigger target for hackers.
- Fast Growth of DeFi: Many DeFi apps are created quickly by small teams. They don’t always have time to test everything properly, and this makes them easy to attack.
- Lack of Regulation: Unlike traditional banks, many crypto platforms operate without clear rules or government oversight. This makes it harder to prevent or punish fraud.
- Sophisticated Cybercriminals: Groups like Lazarus use advanced tools to find and exploit weaknesses in crypto systems. They’re not just small-time hackers, they’re well-funded and very skilled.
Is Crypto Getting Safer?
According to Mitchell Amador, CEO of Immunefi, the situation isn’t all bad. He says that “DeFi still operates in one of the most adversarial environments in software,” but security is improving, especially for more established projects.
“Generally, when it comes to established projects, we could argue that DeFi is getting safer,” said Amador.
“The maturity of the current security stack is far better than what we were seeing two or three years ago.”
In other words, well-known platforms are learning from past mistakes. They are hiring better developers, improving their code, and building stronger defenses.
But newer and smaller projects still face major risks. They often don’t have the resources to build strong security from day one.
Conclusion: A Wake-Up Call for the Crypto Industry
The $1.7 billion in crypto losses so far in 2025 is a clear warning to everyone involved in the industry. Even as crypto grows more popular, it’s still very risky, especially for people using new DeFi platforms or lesser-known exchanges.
To move forward, the crypto space needs to invest in better security, follow best practices, and possibly work with regulators to build trust and safety for users.
If these problems aren’t solved, users could continue to face massive losses, and the future of decentralized finance could be at risk.
