It's ominous that the number of hacks has halved, yet the damage has increased to $3.4 million. If nation-state attackers are targeting exchanges, I feel we have no choice but to strengthen our own management of virtual currencies. Decentralized management will likely become important. #VirtualCurrency #Security
A quick video explanation of this blog post!
This blog post is explained in an easy-to-understand video.
Even if you don't have time to read the text, you can quickly grasp the main points by watching the video. Please take a look!
If you found this video helpful, please follow our YouTube channel "Cryptocurrency Information Bureau," where we deliver cryptocurrency news every day.
Subscribe here:
https://www.youtube.com/@WEB3engineerjourney
Jon and Lila share their unique perspectives in this conversation in English 👉 [Read the dialogue in English]
👋 Everyone who is holding on, are you still breathing?
In 2025, the cryptocurrency market saw Bitcoin reach a new all-time high, but also faced serious security issues. According to the news, the number of hacks increased year-on-year.HalvedHowever, the loss amount$3.4 billionThe number of cryptocurrencies has reached 100 million, and a "super dangerous" threat has emerged, particularly from nation-state-sponsored hackers targeting centralized exchanges. The massive Bybit hack is a prime example, and it's not just a prank by a minor villain, but a professional-level cyber attack that has shaken market confidence. This isn't just news, it's a story that directly hits our wallets.
🔰 Difficulty:Elementary to Intermediate
🎯 Recommended:People who want to understand technology trends
Cryptocurrency hacks will plummet in 2025, but data reveals more dangerous financial threats
📌 Three Key Points
- The number of hacks has halved, but the losses have skyrocketed! State-sponsored professional hackers are to blame.
- Centralized exchanges are more likely to be targeted, so it may be riskier than DeFi.
- Strengthening security will be key in 2026. How can we protect ourselves at the individual level?
📑 Table of Contents
- 1. Background and Issues: Why are there fewer hacks but more threats?
- 2. The Heart of the Technology: Dissecting the Tactics of Nation-State Hackers
- 3. Application and Market Impact: How does this impact our trade?
- 4. Actions by level: How to protect yourself right now
- 5. Future Outlook and Risks: What will happen in 2026?
- 6. Summary
Background and Issues: Why are there fewer hacks but more threats?
Okay, let's pretend we're sitting next to each other in a cafe. Imagine your wallet is prone to pickpockets on the street, but recently pickpockets have become less common, and now professional bank robbers are hacking into your accounts instead.
Let's look at the data for 2025: the total number of hacks has fallen by half from the previous year.Over 300 itemsThe amount of loss has decreased significantly.$3.4 billionBeyond! Why? That isState-sponsored cybercriminalsBecause he's getting serious.
To use an analogy, hacking in the past was like "a kid in the neighborhood stealing a bicycle." Now it's like "a professional in a spy movie breaking into a vault." North Korea-related hackers$2.02 billionThis is not just a number, it's a huge blow to the credibility of the entire market.
The problem is that centralized exchanges (CEX) are easy targets. They're not decentralized like DeFi, so one hit can cause major damage. The coins you store on exchanges might actually be at risk. It's not funny, but to put it humorously, it's like, "CEXs are convenient, but they attract hackers like a giant honey pot."
Furthermore, physical threats have increased in 2025. There's even violence, like hackers amputating fingers... This is no longer just digital. These threats are behind the $1 tonne wiped out across the market.
The heart of the technology: Dissecting the modus operandi of nation-state hackers
Now onto the main topic. Let's break down how the hack works, just like defeating a boss in a game. First, take a look at the diagram.
This diagram visualizes hacking patterns in 2025. On the left are traditional small-scale hacks, and on the right are large-scale nation-state attacks.
The coreAccess Control FailureとSocial EngineeringWhat is social engineering? Simply put, it's the professional version of the "I'm pretending to be your friend and asking for your password" scam. Instead of exploiting code bugs like the DeFi smart contract vulnerabilities, they deceive humans.
To use a joke analogy, they naturally elicit information like asking your girlfriend, "What's your birthday?" But if it's state-sponsored, they'll use AI to send thousands of phishing emails. That's exactly what happened with the Bybit hack, where they gained internal access and siphoned off all the funds.
From a tokenomics perspective, centralized exchanges manage all user funds, so the rewards (hacking profits) are large. Decentralized exchanges (DeFi) share funds with everyone, so the risk per person is small, but the overall security may be strong.
Let's compare them. Here's a table showing the differences between the previous hack and this one:
| Item | Conventional | This time (2025) |
|---|---|---|
| Main methods | Exploiting bugs in smart contracts (e.g., reentrancy attacks) | Social Engineering and Access Control Violation |
| Target | Mainly DeFi protocols | Centralized Exchanges (CEX) |
| loss scale | Million dollar range | Hundreds of millions of dollars, total of $3.4 million |
| Criminal | Individuals and small groups | State-sponsored hackers (e.g., North Korea) |
| Humorous Examples | "I forgot my keys and can't get into my house" | "The whole house was stolen." |
Looking at this table, the quality has improved in 2025. It's like a hacker leveling up in an RPG.
Applications and Market Impact: How does this impact our trade?
So how can we make use of this? From a user's perspective, it will change the choice of exchange. CEX is convenient, but has a high risk of being hacked. Therefore, more people may shift to DeFi. For example, by directly swapping with Uniswap, you can protect your own assets just like cooking your own meals.
From a developer's perspective, strengthening security is essential, incorporating multi-signature wallets (keys approved by multiple people) and AI-based anomaly detection. The impact on the market as a whole will be stricter regulation. The winners of regulation in 2025 will strengthen the safety net in 2026. However, there is also a risk that excessive regulation will stifle innovation.
Example of impact: Bitcoin price lost $1tn at the end of the year due to hack news. Your portfolio will also be shaken by news like this. To put it humorously, "Hackers are the market's natural enemy, but that is also their source of growth."
Furthermore, with the rise of physical threats, offline wallet storage (cold wallets) is likely to become popular. This is an opportunity for developers to create user education tools and empower everyone.
Actions by level: Protection methods you can put into practice right now
It's not about "buying" but about "understanding and experiencing." For beginners: First, turn on 2FA (two-factor authentication) on all exchanges. Example: Create a double lock, like a fingerprint on your smartphone.
Intermediate: Try microtransactions with a DeFi wallet (Metamask). Experience how gas fees work and learn how to hack them. Joke: "High gas fees are annoying, but they might slow down hackers."
To everyone: Follow the news and read analysis of incidents like Bybit. As an experiment, check your computer with a free security tool (e.g., virus scanner). If you use overseas exchanges, remember the risks beyond legal protection.
Action List:
- Beginner: Using a password manager (like LastPass)
- Intermediate: Learn the basics of smart contracts through online courses
- General: Make regular backups
Future Outlook and Risks: What will 2026 bring?
The outlook is bright. By 2026, regulatory advances and AI security may further reduce hacks. Strengthening Bitcoin's defenses (e.g., decentralizing mining) will be key. However, nation-state hackers continue to evolve.
Risks are technical: Vulnerabilities in smart contracts remain, and there is also the threat of quantum computers breaking encryption. Legal: In Japan, using overseas exchanges is not protected, and there are tax risks. Operational: Human error (phishing) is the biggest enemy.
Joke: "The future is rosy, but it's a rose with thorns." If the DeFi TVL (total deposits) explodes in the future, the market may stabilize. But don't be overconfident.
My Feelings, Then and Now
While the sharp decline in hacks in 2025 is cause for celebration, there are even more dangerous threats lurking. It's important to understand how things work and protect yourself. Don't forget to DYOR (Do Your Own Research) and don't just take the news at face value. Cryptocurrency is exciting, but don't underestimate the risks.
💬 What do you think?
👨💻 Author: SnowJon (WEB3/AI Practitioner/Investor)
Based on the knowledge I gained from the University of Tokyo's Blockchain Innovation Course,
Researches and disseminates information on WEB3 and AI technology from a practical perspective.
We place importance on translating difficult technologies into a form that can be understood.
*AI is used as an auxiliary tool, and the author is responsible for final confirmation and responsibility of the content.
Reference links and sources
- Crypto hacks dropped by half in 2025, but the data reveals a much deadlier financial threat – CryptoSlate
- 2025 Crypto Theft Reaches $3.4 Billion – Chainalysis
- Biggest Crypto Hacks of 2025 – Coinspeaker
- What Are the Biggest Cryptocurrency Security Risks and Smart Contract Vulnerabilities in 2025? – Gate.io