Multiple authoritative reports confirm a significant increase in losses throughout the year.
According to reports from several authoritative English-language media outlets and research institutions, including CoinTelegraph , blockchain security company CertiK , and Business Insider , although the number of crypto asset security incidents decreased throughout the year, the total losses caused by hacking, exploitation, and fraud still rose to approximately $3.3 billion to $3.35 billion due to several high-impact attacks .
This trend reveals a shift in the structure of crypto security risks: the frequency of routine, low-value attacks is declining, while a small number of highly sophisticated, targeted attacks account for the vast majority of total losses .
The number of incidents decreased, but the average loss per attack increased significantly.
According to data from CertiK's annual security review cited by CoinTelegraph, although the total number of crypto security incidents decreased year-over-year, the average loss per incident increased by more than 60% year-over-year , reaching approximately $5.3 million .
This trend is also corroborated by long-term research from blockchain analytics firm Chainalysis . Their analysis indicates that attackers are increasingly concentrating resources on high-value infrastructure and critical nodes , rather than on scattered, small-scale attacks targeting individual users, thus significantly amplifying the economic consequences of each successful attack.
Supply chain attacks accounted for the majority of the total losses.
Multiple reports have highlighted that supply chain vulnerabilities have become one of the most destructive attack paths . According to CertiK data, just two major supply chain-related incidents resulted in approximately $1.45 billion in losses, nearly half of all crypto security losses for the year .
Unlike traditional smart contract vulnerabilities, supply chain attacks typically bypass regular code audits and directly target third-party dependencies, development environments, or underlying infrastructure , making the attacks more covert, wider in scope, and more costly to fix.
The Bybit incident serves as a classic example of systemic risk.
Of all the disclosed incidents, the Bybit security breach in February 2025 is considered the most serious single attack of that year. According to reports from CoinTelegraph and Business Insider, the incident involved the loss of approximately $1.4 billion in digital assets , making it one of the largest hacks in the history of the crypto industry.
Following the incident, CoinTelegraph reported that Bybit initiated a large-scale security overhaul, including multiple rounds of external security audits and internal process upgrades, and restored the platform's liquidity levels in approximately 30 days . This process highlights both the systemic impact of the incident and reflects the resilience required of large platforms under extreme risks.
The nature of crypto security risks is changing.
Analysis from CoinTelegraph, CertiK, and Chainalysis reveals that crypto security risks are shifting from technical issues primarily involving contract vulnerabilities to systemic risks centered on infrastructure and dependencies . In this context, code audits at the single-project level are no longer sufficient to cover the most destructive sources of risk.
This change places higher demands on exchanges, protocol projects, and institutional participants, requiring security protection systems to be upgraded from "project-level" to "ecosystem-level".
Security capabilities have become a key threshold for institutional participation.
As the global regulatory environment becomes clearer and institutional participation continues to expand, security performance is becoming a key factor influencing market trust and institutional access . Multiple English-language reports indicate that the future development of the crypto industry depends not only on the improvement of compliance and regulatory frameworks, but also on the platform's ability to maintain operational resilience in low-frequency but highly destructive attack scenarios .
From this perspective, the latest disclosed loss data is not only a summary of individual events, but also a real-world stress test of the maturity of the entire industry.
