$2.4B lost in 2025 H1 crypto hacks — exchanges and DeFi hit hardest: report

Crypto.news
2025/07/04 18:57
In the first half of 2025, the blockchain industry suffered over $2.37 billion in losses due to security incidents, with the DeFi sector hit the hardest. Scams targeting individual users have also proliferated, with AI enabling increasingly sophisticated schemes.

According to SlowMist’s mid-year “Blockchain Security and AML Report,” the blockchain industry saw approximately $2.37 billion in losses across 121 security incidents in the first half of 2025. This represents an almost 66% increase in financial losses compared to the same period in 2024, despite a decline in the number of incidents.

$2.4B lost in 2025 H1 crypto hacks — exchanges and DeFi hit hardest: report - 1

DeFi continues to be the most targeted sector, accounting for 76.03% of all incidents and approximately $470 million in losses. However, CEX platforms experienced $1.883 billion in losses from just 11 incidents, indicating high-value targets for attackers.

Account compromises were the leading cause of security incidents, followed by smart contract vulnerabilities.

Beyond direct attacks on projects, SlowMist’s report highlighted several fraud tactics targeting individual users that have characterized the first half of 2025:

Phishing Using EIP-7702

Attackers are exploiting new features of the EIP-7702 contract delegation mechanism that was introduced with Ethereum’s Pectra upgrade. On May 24, a user lost $146,551 after falling victim to a phishing attack that misused MetaMask’s EIP-7702 delegation feature. The scam, carried out by the Inferno Drainer group, tricked the user into authorizing a legitimate-looking contract, which then exploited bulk token approvals to drain funds.

Deepfakes

The rapid advancement of generative AI has ushered in a new wave of “trust-based scams.” In early 2025, a fake Zoom meeting using deepfakes led to the theft of all crypto assets from Mehdi Farooq, a partner at Hypersphere Ventures, after attackers impersonated known contacts and tricked him into downloading malware. Other high-profile cases include AI-generated videos of Elon Musk and Singapore officials promoting fake investment schemes.

Telegram Fake Safeguard Scams

These scams trick users into executing malicious code from their clipboard. Victims were lured through fake X accounts impersonating crypto influencers, then redirected to Telegram groups where “Tap to verify” links activated trojan-laced PowerShell commands. These attacks led to full device compromise, allowing remote access tools steal wallet files, private keys, and even control Telegram accounts across both Windows and macOS systems.

Malicious Browser Extensions

Disguised as “Web3 security tools” or exploiting automatic update mechanisms, these fake extensions hijack download links to install malicious software and steal mnemonic phrases, private keys, or login credentials. One high-profile case involved the “Osiris” extension, where attackers hijacked a legitimate developer’s Chrome Web Store account through a phishing-based OAuth exploit, pushing a stealthy malicious update to over 2.6 million users.

LinkedIn Recruitment Phishing

In 2025, LinkedIn-based phishing surged as attackers posed as blockchain startups to lure engineers into downloading malware disguised as technical tests. Scammers shared professional-looking project briefs and design documents, eventually sending victims to repositories containing heavily encrypted malicious payloads. Once executed, these backdoors steal host information, credentials, SSH private keys, and system Keychain data.

Social Engineering Attacks

Social engineering scams surged in early 2025, with the most high-profile case involving Coinbase. In this incident, attackers bribed overseas customer support staff to leak user data, then impersonated Coinbase reps using spoofed phone numbers and phishing messages to lure victims into transferring funds to wallets controlled by scammers. According to SlowMist, such coordinated attacks resulted in over $100 million in total user losses.

Backdoor Supply Chain Attacks via Low-Cost AI Tools

Developers seeking “unlimited access to advanced AI models” via unofficial channels risk installing malicious npm packages that deeply tamper with local applications. SlowMist flagged a case where a startup lost hundreds of thousands due to malicious code generated by such a tool, which installed backdoors via npm packages. Over 4,200 developers, mostly on macOS, were affected, allowing attackers remote control and credential theft.

Unrestricted Large Language Models

SlowMist’s report highlights several LLMs that have been “jailbroken” to bypass the ethical restrictions of their original versions. WormGPT specializes in generating malware-related content and phishing emails, while FraudGPT can produce fake crypto project materials and clones phishing pages. DarkBERT, trained on dark web data, enables highly targeted social engineering campaigns. GhostGPT can create deepfake scams impersonating exchange execs, among other malicious uses.

Bolivia Calls Crypto 'Reliable Alternative' in New El Salvador Partnership Deal

Bolivia Calls Crypto ‘Reliable Alternative’ in New El Salvador Partnership Deal

Bolivia’s Central Bank has signed a memorandum of understanding with El Salvador’s National Commission of Digital Assets to promote crypto development, marking a dramatic policy reversal for a nation that previously banned virtual assets and now calls them a “ reliable alternative ” to traditional currencies. The cooperation agreement enables mutual information exchange and knowledge sharing on blockchain intelligence tools, risk analysis, and regulatory experiences between both institutions. Source: Press Release Bolivia’s Virtual Asset Usage Explodes 532% in One Year Bolivia’s virtual asset usage surged from $46.5 million to $294 million between June 2024 and June 2025 following regulatory changes. Source: Reuters The partnership comes into effect immediately for an indefinite period. This positions Bolivia to benefit from El Salvador’s pioneering regulatory framework and practical experience as the world’s first country to adopt Bitcoin as legal tender. El Salvador’s CNAD has become a fundamental actor in the global digital assets ecosystem. Bolivia’s embrace of cryptocurrency contrasts sharply with its historical stance, having previously maintained strict prohibitions on virtual assets before implementing Board Resolution 082/2024 in June 2024. The policy shift enables legal use of virtual assets for cross-border transactions and e-commerce payments. The agreement consolidates progress made in establishing digital assets as viable alternatives for families and small entrepreneurs. At the same time, Bolivia’s Central Bank commits to developing policies that modernize the financial system and deepen financial inclusion through regulated cryptocurrency ecosystems. El Salvador’s experience provides valuable guidance despite recent International Monetary Fund restrictions that have capped the country’s Bitcoin purchases and mandated privatization of the state-run Chivo wallet by July 2025. Bolivia’s Cryptocurrency Revolution Gains Momentum Earlier this year, the Central Bank of Bolivia authorized state oil company YPFB to use cryptocurrency for purchasing crude oil and diesel from international vendors in March 2025. They aimed to address foreign currency shortages that created fuel supply disruptions across the country. President Luis Arce’s cabinet granted YPFB permission to conduct fuel import deals using either USD or cryptocurrency, with Bolivia requiring at least $60 million weekly for fuel imports. The decree instructs YPFB to make budgetary adjustments covering financial costs within applicable regulations. Bolivia’s cryptocurrency adoption has accelerated rapidly, with virtual asset transactions exceeding 1.1 million from July to September 2024 , compared to 932,000 in the six months before then. Six financial institutions began operating with virtual assets, reporting 40% growth in operations between July and August. The Central Bank launched educational initiatives, conducting over 33 workshops nationwide, reaching more than 3,000 participants to inform the public about virtual asset characteristics and risks. The legal framework enables Bolivians to use cryptocurrency for cross-border transactions and e-commerce payments. The partnership with El Salvador provides technical expertise for developing secure and regulated cryptocurrency ecosystems. Source: Press Release Bolivia joins a growing number of countries using cryptocurrency for international trade, particularly those seeking alternatives to traditional banking systems amid sanctions or political tensions. El Salvador’s Bitcoin Model Faces IMF Constraints El Salvador maintains approximately 6,244 Bitcoin worth $742 million despite IMF loan agreement restrictions preventing new government purchases since February 2025. The $1.4 billion loan program requires the country to maintain unchanged Bitcoin holdings and privatize the Chivo wallet. President Nayib Bukele’s previous claims of daily Bitcoin purchases have been contradicted by IMF documentation confirming no new acquisitions since the loan agreement. On-chain activity showing Bitcoin movements between wallets represents internal transfers rather than fresh purchases. The IMF praised El Salvador’s updated Bitcoin policy for reducing fiscal risk and strengthening transparency, noting these steps help stabilize inflation and restore macroeconomic stability. However, Bitcoin is no longer considered mandatory legal tender under the agreement. ⚠️ El Salvador’s Bitcoin experiment appears to be faltering under the weight of an IMF loan agreement and declining public engagement. #IMF #ElSalvador https://t.co/65lADRixOH — Cryptonews.com (@cryptonews) July 26, 2025 El Salvador’s CNAD has consolidated its position as a regional leader in cryptocurrency regulation, promoting innovation, security, and regulatory compliance throughout the digital assets sector. The country’s regulatory framework remains among the most developed and advanced in promoting virtual assets globally. The My First Bitcoin organization reported that government-backed education and adoption efforts have stalled since the IMF deal , with declining public engagement in cryptocurrency learning programs. The shift has raised questions about the long-term viability of El Salvador’s original Bitcoin vision.
CryptoNews2025/07/31 17:17
Who are the best crypto content creators? Overseas community users recommend these 10

Who are the best crypto content creators? Overseas community users recommend these 10

Compiled by Tim, PANews Recently, Dragonfly Managing Partner Haseeb asked on Twitter: "Who do you think is the best writer in the crypto industry?" and included links to their excellent
PANews2025/07/31 16:49
WebX, Japan's largest Web3 event, will be held in Tokyo from August 25th to 26th.

WebX, Japan's largest Web3 event, will be held in Tokyo from August 25th to 26th.

WebX: Japan's Largest Web3 Event, 2025 Date: August 25th-26th, 2025 Venue: Prince Park Tower Hotel, Tokyo, Japan (〒105-8563, Shibakoen 4-8-1, Minato-ku, Tokyo)ザ・プリンスパークタワーTokyo） Organizer: CoinPost Guests: Arthur Hayes (Maelstrom CEO) Yoshitaka
TOWER Ecosystem
TOWER$0,0004958-13,27%
PANews2025/07/31 16:44

