Report: In the first half of 2025, frontend and Private Key vulnerabilities led to over $2 billion stolen in the encryption sector.

Gate News bot message, blockchain intelligence company TRM Labs stated in a report on Thursday that in the first half of 2025, hackers stole 2.1 billion dollars from the crypto assets sector, with over 80% originating from infrastructure attacks.

TRM indicates that the average scale of private key theft, seed phrase vulnerabilities, and front-end hijacking (often stolen through social engineering or internal access) is ten times that of other vulnerabilities. DeFi vulnerabilities remain an issue. Flash loan and smart contract reentrancy vulnerabilities account for another 12% of losses, indicating widespread vulnerabilities in on-chain protocols.

The records for the first half of the year have matched the total records for 2024 and are approximately 10% higher than the records for the first half of 2022. It is noteworthy that a significant event distorted the data: the CEX hacker attack that occurred in February, resulting in losses of 1.5 billion USD, which TRM believes was orchestrated by North Korea. This attack raised the average size of hacker attacks to 30 million USD, doubling from last year.

TRM estimates that organizations linked to North Korea stole $1.6 billion, accounting for 70% of the total in the first half of the year, as the North Korean regime relies on crypto assets theft to fund its weapons program. The report also mentioned the June incident where the Iranian exchange Nobitex was hacked—an event carried out by the hacker group Gonjeshke Darande, which is allied with Israel—resulting in $90 million being transferred to "unusable" wallets, coinciding with heightened geopolitical tensions in the Middle East.

To address the security issues troubling the encryption industry, TRM urges protocols and services to enhance multi-factor authentication and improve cold storage. The company also recommends strengthening internal threat defenses, while law enforcement agencies should enhance cross-border coordination.

TRM added that the crypto industry needs better collaboration across the entire sector to maintain anti-theft efforts. "The road ahead requires multi-faceted cooperation," the report pointed out. "The record thefts in the first half of 2025 are a strong call to action for us to adopt a collective, continuous, and strategically aligned security posture—not only to prevent crime but also to guard against covert state actions. Proactive information sharing and coordinated international cooperation to prosecute state-sponsored cybercriminals are crucial for effective deterrence."

Source: The Block