In July 2025, the crypto industry faced a wave of hacker attacks that resulted in losses of $142 million, which is 27.2% more compared to June, when losses amounted to $111.6 million. According to blockchain analytics company PeckShield, 17 major incidents were recorded in the month, highlighting a growing security threat in the sector. Despite a 46% reduction in losses compared to July 2024 ($266 million), current figures indicate continued vulnerability for both centralized and decentralized platforms.
The most significant hack of July occurred on the Indian crypto exchange CoinDCX, where hackers stole assets worth $44.2 million. According to the investigation, access to the exchange's internal accounts was obtained via a compromised employee laptop, which was the victim of social engineering. CoinDCX CEO Sumit Gupta called the attack a "complex server hack" and assured that client funds were untouched and losses would be absorbed by the company's reserves. Indian police arrested an employee in connection with the incident, but the investigation continues. Cyvers CEO Dedi Lavida suggested that the attack might have been orchestrated by the North Korean hacking group Lazarus Group, known for its sophisticated methods.
The second largest incident affected the decentralized exchange GMX, which lost $42 million on July 9 due to a vulnerability in outdated V1 code. Remarkably, two days later, the hacker returned about $40.5 million, including 10,000 ETH and 10.5 million FRAX, making it a rare case of partial fund restoration. This incident underscored vulnerabilities in DeFi protocols despite subsequent compensation.
The third largest hack hit the BigONE exchange, which lost $28 million on July 16 due to a compromise of a third-party service related to hot wallet infrastructure. Hackers altered the operation logic of servers responsible for accounts and risk control. The platform committed to covering losses from its own funds.
Cryptocurrency exchange WOO X lost $12 million due to a phishing attack on July 24, where attackers used social engineering methods to compromise an employee's device. The platform restored affected accounts using reserves. A smaller but noticeable loss was incurred by the Future Protocol project, losing $4.2 million due to malicious contract approvals.
Analysts note that in 2025 hackers increasingly use sophisticated methods, including attacks on server infrastructure and social engineering, rather than traditional smart contract vulnerabilities. According to Global Ledger, in 70% of cases stolen assets begin to move before incidents are publicly disclosed, and only 4.6% of stolen funds were recovered in the first half of 2025. This emphasizes the need for faster detection methods and enhanced internal security.
Total losses from hacks and fraud in the crypto industry for the first six months of 2025 reached $3.1 billion, already exceeding the total for 2024 ($2.85 billion). If current trends continue, losses could surpass $4 billion by the end of the year, making cybersecurity critically important for Web3 projects.
The growth in the number and complexity of attacks in July 2025 demonstrates that the crypto industry remains vulnerable to evolving threats. Platforms need to strengthen protection not just for smart contracts but also for server infrastructure and increase employee awareness of social engineering methods. The situation requires the urgent implementation of more effective monitoring and response tools to minimize future losses.