Crypto security losses surge: Fewer attacks, but significantly increased damage
Dec 31, 2025 17:14:23
Multiple Authoritative Reports Confirm Significant Yearly Losses
According to reports from several authoritative English-language media outlets and research institutions, including CoinTelegraph, blockchain security company CertiK, and Business Insider, the number of security incidents involving crypto assets has decreased compared to previous years, yet total losses from hacking, exploitation, and fraud have still risen to approximately $3.3 billion to $3.35 billion, driven by several high-impact attacks.
This trend reveals a shift in the structure of crypto security risks: the frequency of conventional, low-value attacks is declining, while a small number of highly complex, targeted attacks account for the vast majority of total losses.
Decrease in Incident Numbers, but Average Loss per Attack Significantly Rises
CoinTelegraph cites data from CertiK's annual security review showing that while the total number of crypto security incidents has decreased year-on-year, the average loss per incident has increased by over 60%, reaching approximately $5.3 million.
This trend is also corroborated by long-term research from blockchain analysis company Chainalysis. Relevant analysis indicates that attackers are gradually concentrating resources on high-value infrastructure and critical nodes, rather than scattered, small-scale attacks aimed at retail investors, significantly amplifying the economic consequences of each successful attack.
Supply Chain Attacks Account for a Major Portion of Total Losses
Multiple reports emphasize that supply chain vulnerabilities have become one of the most destructive attack vectors. According to CertiK data, just two major supply chain-related incidents caused approximately $1.45 billion in losses, nearing half of the total crypto security losses for the year.
Unlike traditional smart contract vulnerabilities, supply chain attacks typically bypass conventional code audits, directly targeting third-party dependencies, development environments, or underlying infrastructure, making the attacks more covert, with broader impacts and higher remediation costs.

The Bybit Incident as a Typical Case of Systemic Risk
Among all disclosed incidents, the Bybit security incident that occurred in February 2025 is considered the most severe single attack case of the year. According to reports from CoinTelegraph and Business Insider, the incident involved approximately $1.4 billion in digital asset losses, becoming one of the largest hacking events in the history of the crypto industry.
Following the incident, CoinTelegraph reported that Bybit initiated large-scale security remediation measures, including multiple rounds of external security audits and internal process upgrades, and restored platform liquidity levels within about 30 days. This process not only highlights the systemic shock of the incident itself but also reflects the recovery capabilities that large platforms need to possess under extreme risks.

The Nature of Crypto Security Risks is Changing
Analysis from CoinTelegraph, CertiK, and Chainalysis indicates that crypto security risks are shifting from being primarily technical issues related to contract vulnerabilities to systemic risks centered around infrastructure and dependencies. In this context, code audits at the project level are increasingly inadequate to cover the most destructive sources of risk.
This change imposes higher demands on exchanges, protocol projects, and institutional participants, requiring security protection systems to upgrade from "project-level" to "ecosystem-level."
Security Capabilities Become an Important Threshold for Institutional Participation
As the global regulatory environment becomes clearer and institutional participation continues to expand, security performance is becoming a key factor influencing market trust and institutional access. Multiple English-language reports indicate that the further development of the crypto industry will depend not only on the improvement of compliance and regulatory frameworks but also on whether platforms can maintain operational resilience in low-frequency but highly destructive attack scenarios.
From this perspective, the latest disclosed loss data is not only a summary of individual incidents but also a real-world stress test of the industry's overall operational maturity.