Chainalysis’s Mid-Year Crypto Crime Update showed that crypto thefts surpassed US$2.17B in H1 2025, thanks to North Korea’s ByBit hack.

Chainalysis’s latest Mid-Year Crypto Crime Update indicated that crypto thefts have surged to unprecedented levels in 2025 with over US$2.17 billion stolen from cryptocurrency services in the first half of the year, surpassing the entirety of 2024 and setting the stage for a potential US$4 billion in annualised losses.

The catalyst behind this alarming rise is a US$1.5 billion exploit of ByBit, widely attributed to the Democratic People’s Republic of Korea (DPRK), or North Korea. This incident now stands as the largest single crypto hack in history. The escalation marks a 17% year-on-year increase compared to 2022, which previously held the record for stolen funds.

According to the Mid-Year Crypto Crime Update, the velocity and sophistication of attacks are intensifying, with the ByBit hack alone accounting for nearly 69% of all service-targeted thefts this year. The operation reportedly involved social engineering and insider infiltration, a known tactic among North Korean-affiliated actors.

While service attacks dominate headlines, theft from personal wallets has quietly surged. Individual wallets now represent over 23% of all crypto thefts, a sharp uptick driven by improved service-level defences and a growing pool of high-value individual holders.

Notably, Metamask users have been heavily impacted by anomalous attack patterns, including coordinated thefts affecting hundreds of wallets per day. A June 2025 cluster impacted over 200 victims in a single day, hinting at either technical vulnerabilities or exploited third-party infrastructure.

Adding a physical layer to digital crime, wrench attacks involving violence or coercion against crypto holders have spiked sharply, with the number of incidents in 2025 potentially doubling previous records. A notable case in the Philippines underscored the severity of this trend: blockchain analytics helped solve the abduction and murder of Elison Steel CEO Anson Que, with the ransom funds traced on-chain and partially frozen through coordinated law enforcement and industry response.

Additionally, the Mid-Year Crypto Crime Update showed that the U.S., Germany, Russia, Japan, and Indonesia have seen the highest victim counts, while countries like Chile, UAE, and India are experiencing greater severity per victim. Regionally, North America leads in BTC and altcoin theft, while Europe sees more stablecoin and ETH-related losses. APAC remains highly targeted, particularly on non-EVM chains.

Despite dropping transaction fees across blockchains, criminals are paying higher premiums to move illicit funds, prioritising speed and finality over cost. Interestingly, attackers targeting services display higher laundering sophistication, using bridges and mixers, while those compromising personal wallets more frequently send funds to centralised exchanges or sanctioned entities.

The report warns that 2025’s threat environment marks a critical inflection point. As criminals grow more adaptive and target a broader range of users, the need for industry-wide improvements in security, regulatory coordination, and user protection has never been greater. Whether the ecosystem can adapt quickly enough may define the trajectory of crypto crime for years to come.

Read the blog here.

Like our content? 

Support us through the Ko-fi button on the bottom left corner, or via our affiliate links below.

Leave a Reply

Your email address will not be published. Required fields are marked *

Instagram