A new report issued by TRM LABS revealed that the year 2025 achieved the worst of the first half of the year in terms of breakthroughs and exploits, as it stole more than $ 2.5 billion in that period.
However, while the previous H1 record number exceeded in 2022, the numbers were largely deviant with only one accident, a $ 1.5 billion attack on the BYPTO Bybit in Dubai.
Distinguished breach
BYBIT, which occurred in February, was not the largest breakthrough for encryption ever; It was a geopolitical act, with TRM laboratories, along with many other security companies, which they attributed to the representatives of the state in North Korea.
According to a reportThe accident constituted approximately 70 % of all encryption theft in the first half of 2025 and amplify the average penetration volume to 30 million dollars, twice the number H1 2024. In total, there were about 75 distinct attacks. January, April and May witnessed important cases, all of which exceed 100 million dollars, which indicates a widespread and continuous threat scene that exceeds the mere penetration of Mega wandering in the title.
In general, the TRM vision estimated that the groups associated with North Korea were responsible for at least $ 1.6 billion of total losses so far this year. According to the Analysis Company, the revenues of these operations are likely to use not only evading the sanctions placed on the Pyongyang system, but also to help finance its strategic initiatives, including its nuclear program.
Technically, the report indicated that infrastructure interventions targeting basic weaknesses such as key/special seeds or front seeds were dominant vector, representing more than 80 % of stolen boxes.
These violations, which are often enlarged through social engineering or internal threats, are used the basic foundations for encryption security and usually lead to ten times larger accidents, on average, of other methods.
In addition, the exploits of the protocol level, such as the manipulation of flash loans in Defi, contributed to another 12 %, which highlighted the weaknesses in the continuous smart nodes.
A new era of cybersecurity in encryption
H1 2025 also witnessed the emergence of a new front on how geopolitical conflicts conflict: the explicit use of encryption piracy as a war tool. This was seen in the last attack on the largest encryption exchange in Iran, Nubicx, by Gongchki Darandi (a predator), according to what a group linked to Israel, which stole more than $ 90 million from the platform.
The group publicly stated its motives, claiming that it targeted the exchange of its role in helping Iran to overcome sanctions and illegal financing.
Interestingly, they transferred the stolen money to the vanity addresses that lack the opposite special keys, which make them accessible, and a strong indication that the process has been carried out for symbolic or political revenge, rather than financial gains.
Binance Free $ 600 (Full Details).
Limited offer for Cryptopotato readers in Bybit: Use this link to register and open a $ 500 free site on any coin!
