Crypto theft and exploits have continued at historically high levels in 2025, with industry data showing more than $2.53 billion in losses linked to exploits this year — and broader theft figures pushing that total even higher, according to Sentora and a recent Chainalysis report.
Sentora’s latest chart on “Total TVL of Exploits 2025” breaks down how the losses occurred. It reveals that social engineering remains the dominant attack technique, accounting for 55.3 % [$1.39 billion] of exploit-related value taken so far.
Other techniques, such as private key compromise, infinite mint attacks, and smart contract exploits, together accounted for the remainder of losses.
Social engineering and human-centric attacks surge
The Sentora data highlights how the focus of exploitation has shifted. While smart contract bugs and protocol vulnerabilities remain significant concerns, social engineering now outweighs purely technical exploits by a substantial margin.
Private key compromises, which can be related to phishing, malware, or inadequate credential management, accounted for 15 % of exploit losses [$0.37 billion].
This highlights how adversaries are increasingly targeting human and operational weaknesses alongside traditional code flaws.
Industry-wide exploits tops $3B
Separate 2025 analysis by Chainalysis, corroborated by industry monitoring firms’ estimates, suggests that between $2.7 billion and $3.4 billion in cryptocurrency was stolen across all theft categories this year.
This includes large single-event breaches, personal wallet thefts, and other illicit activity.
North Korea–linked hackers again emerged as the most prolific threat actors. Chainalysis reported that at least $2.02 billion in stolen crypto this year was tied to DPRK-affiliated groups, a roughly 51% increase year-over-year from 2024 levels.
Much of this total stemmed from a record-setting exploit of the Bybit exchange, where attackers stole an estimated $1.4 billion in assets.
Exploit landscape evolving
Industry analysts say the broader trend reflects improvements in automated auditing, formal verification, and protocol safety tooling, making large smart contract vulnerabilities rarer.
Meanwhile, attackers have shifted toward tactics that exploit users and privileged access.
Chainalysis also noted a sharp increase in personal wallet thefts this year, with thousands of individual victims affected. However, those losses were smaller on a per-incident basis compared with large institutional hacks.
What this means for the ecosystem
Taken together, the data suggests that mitigating exploits in 2025 has less to do with fixing code and more to do with improving user security, key management practices, and operational hygiene across exchanges, custodians, and wallet providers.
Final Thoughts
- Crypto losses in 2025 are being driven far more by human and operational failures than by smart contract bugs, with social engineering now the dominant attack vector.
- As attackers increasingly bypass protocol code to target users, wallets, and access controls, improving user security and operational safeguards has become as critical as technical audits for reducing future losses.
