Crypto Crime ‘Supercycle’ Reaches Record Heights Amid Regulatory Lapse

Cryptocurrency crime losses have set a new global record, exceeding the total of all previous years combined, a cybersecurity expert TRM Labs reported, reaching record heights of nearly $3.4 billion in the first half of 2025 alone.

This dramatic surge is attributed to a combination of slow regulatory progress, widespread fear of missing out (FOMO), and increasing platform adoption, creating a conducive environment for criminal activity according to security experts and industry reports.

A former DEA agent and cryptocurrency investigator questioned whether the phenomenon should be termed a “supercycle,” instead attributing the rise to factors including anonymity and insufficient oversight. “The rapid proliferation of new crypto assets, particularly memecoins, combined with a surge in retail investors and limited regulatory oversight, creates opportunities for criminal activity,” said Bill Callahan, speaking exclusively to Cointelegraph.

Risk vs. Reward Favors Malicious Actors

Experts emphasize that crypto appeals to bad actors due to its perceived anonymity, ease of transaction, and the proliferation of opportunities for theft, investment scams, and fraud. Callahan highlighted the asymmetry: criminals only need occasional success to generate significant profits, leveraging bad actors’ finite resources against victims’ broader exposure.

“We must remember, the bad guys have time, money and resources on their side to perfect criminal activity, and they don’t need to get it right all the time to still make a handsome profit.”

This perspective is detailed in CertiK’s half-year report, H1 Hack3d, revealing an average loss of $4.3 million per security incident, with a median loss of $103,996 in 2025 so far.

“A convergence of conditions—pervasive hype, aggressive token launches by questionable actors, and highly limited regulation—has emboldened malicious actors,” said Natalie Newson, a senior blockchain investigator at CertiK.

Findings from Market surveillance firm Solidus Labs further quantified the issue. Their May report on Pump.fun launchpads found that 98.7% of tokens exhibited classic pump-and-dump characteristics.

Newson also undersigned the challenges faced by law enforcement. “Numerous nations are confronting growing difficulties: limited resources, complex jurisdictional boundaries, and the formidable technical prowess of cybercriminals,” she stated.

“The result is a widening gap between illicit activity and accountability, creating an increasingly hostile environment for legitimate users and builders.”

Insufficient Regulation, Exacerbated by Unbalanced Enforcement

Adding another layer to the analysis, Hank Huang, CEO of Kronos Research, described regulators as having “swung from overreach to underreaction.” While early restrictions were “often harsh,” the pendulum has now swung too far toward insufficient enforcement:

“Seeing too little accountability creates fertile ground for what feels like a crypto crime supercycle. The fix isn’t more crackdowns; it’s smart, targeted regulation and finding balance to continue driving mass adoption.”

Zero is Not the Goal, Risk Mitigation is Key

Despite intensified law enforcement efforts targeting darknet marketplaces globally, Huang suggested achieving zero losses is impossible. The inherent anonymity of decentralized systems and their global reach naturally attract both legitimate participants and malicious actors.

“These attacks are less about targeting crypto and more about testing the limits of emerging systems,” explained Huang. “We must focus on minimizing risk for users rather than aiming for complete eradication of crime.”

While industries face continuous threats, crypto’s particular speed and cross-border nature amplify the challenges. Efforts to secure smart contracts and educate users are crucial, yet overcoming the ingenuity of criminals remains a persistent hurdle in the journey toward a safer crypto ecosystem.