Crypto Under Siege: Billions Lost in H1 2025 and the Battle for Web3 Security
**Episode Description:**The first half of 2025 has witnessed an unprecedented surge in cyberattacks against cryptocurrency exchanges, leading to billions of dollars in stolen digital assets [1-3].

In this episode of “Upwardly Mobile,” we delve into the alarming statistics from CertiK’s latest report and dissect the most significant incidents, including the Coinbase data breach and the Bybit hack [1, 2, 4]. Discover the evolving tactics employed by sophisticated attackers—from insider threats and social engineering to supply chain attacks and wallet compromises—and explore the critical security measures and technologies platforms are implementing to safeguard user funds and rebuild trust in the volatile Web3 landscape [5-11].

Key Takeaways:
• Record-Breaking Losses in H1 2025: Approximately $2.47 billion in cryptocurrency was stolen through hacks, scams, and exploits in the first half of 2025, already surpassing the total amount lost in all of 2024 [1-3]. According to CertiK, when accounting for confirmed, unrecovered losses, the net figure stands at $2.29 billion, exceeding last year’s adjusted total of $1.98 billion [3].
• Major Incidents Driving Losses: Two significant events accounted for nearly $1.78 billion of the total losses in H1 2025 [3]:
    ◦ Bybit Breach (February 2025): Hackers stole an estimated $1.4 billion from the Dubai-based exchange in an attack linked to Lazarus, a state-sponsored North Korean APT group [1]. This incident largely contributed to wallet compromise being the costliest attack vector [6].
    ◦ Cetus Protocol Incident: This decentralized exchange (DEX) on Sui lost $225 million due to hackers using spoofed tokens and price manipulation [6].
• Coinbase Under Attack:
    ◦ May 2025 Data Breach (Insider Threat/Social Engineering): Hackers bribed and coerced a small group of overseas customer support agents to steal sensitive customer data, including names, dates of birth, partial Social Security numbers, masked bank account numbers, addresses, phone numbers, and emails [4]. While no login credentials or private keys were obtained, this data was used for social engineering attacks [4]. Coinbase refused a $20 million extortion attempt and instead established a $20 million reward fund for information leading to the attackers’ arrest [12]. The estimated financial impact for Coinbase is between $180 million and $400 million, including voluntary customer reimbursements for funds lost to social engineering [12]. This incident highlighted the critical risk of insider threats and the need for enhanced real-time endpoint security and data loss prevention (DLP) [5, 7].
    ◦ March 2025 GitHub Action Supply Chain Attack: Coinbase was an initial target of a supply chain attack on GitHub Action, exploiting a public continuous integration/continuous delivery flow [5]. Coinbase successfully detected and mitigated this issue [5].
• Evolving Attack Vectors:
    ◦ Social Engineering and Phishing: These tactics remain highly lucrative, with scammers evolving methods to trick victims into revealing sensitive information or transferring funds [6, 13]. Phishing was the most costly attack vector in Q2 2025, with over $395 million lost, surpassing previous periods [14].
    ◦ Wallet Compromise: This has been the costliest attack vector overall in H1 2025 due to major incidents like the Bybit hack [6].
    ◦ Infrastructure-Level Breaches: More than 80% of stolen funds in 2025 have resulted from breaches where hackers gain significant access to core infrastructure [7].
    ◦ Targeting Employees/Contractors: The Coinbase incident specifically illustrates a growing trend of cybercriminals bribing or coercing individuals with legitimate system access [7].
    ◦ Supply Chain Attacks: Exploiting vulnerabilities in third-party tools or service providers, often through weak APIs or compromised software updates [10].
    ◦ Malware Attacks: Including Advanced Persistent Threats (APTs) and keylogging for credential theft [15].
• Strengthening Defenses: Crypto exchanges are implementing comprehensive security frameworks and multi-layered approaches to build resilience [11]:
    ◦ Advanced Wallet Technologies: Utilizing Multi-Party Computation (MPC) Wallets to eliminate single points of failure by never reconstructing private keys in full [9, 16], alongside robust hot-warm-cold storage architectures [16].
    ◦ Enhanced Security Protocols: Implementing Multi-Factor Authentication (MFA), biometric verification, and real-time transaction notifications [8].
    ◦ Strong Governance Policies: Multi-approval policies for high-risk actions [8].
    ◦ Insider Threat Detection: Robust detection and prevention systems are crucial [7].
    ◦ Continuous Monitoring: Real-time monitoring of API activity and system updates [10].
    ◦ Compliance: Adherence to international security standards like SOC 2 and ISO 27001 provides built-in compliance assurance [17].

Relevant Links to Source Materials:
• Excerpts from “Crypto Losses Surpass $2.47 Billion in H1 2025, CertiK Report Reveals Alarming Rise in Phishing Attacks” 
• Excerpts from “How Crypto Exchanges Get Hacked: Understanding the Growing Threat Landscape” 

**Sponsor Message:**This episode of Upwardly Mobile is brought to you by Approov. In a world where mobile apps are crucial for engaging customers and employees, Approov provides advanced mobile app protection against reverse engineering, tampering, and automation. Secure your APIs and protect your critical data with Approov. (Note: The information regarding Approov.io is not from the provided sources and should be independently verified.) Learn more at approov.io.

**Keywords:**Cryptocurrency, Crypto exchange hacks, Cyberattacks 2025, Web3 security, Coinbase hack, Bybit breach, CertiK report, Social engineering, Insider threat, Supply chain attack, Crypto losses H1 2025, Digital asset security, Blockchain security, Phishing attacks, Wallet compromise, MPC wallets, Data breach, Cybersecurity for crypto, Decentralized finance, DeFi.