Chainalysis Warns Record Crypto Theft Looms Amid Market Rally

NEW YORK — Crypto security firm Chainalysis warns in its latest mid-year report that illicit actors are on track to steal more digital assets from cryptocurrency services in 2025 than ever recorded before.

Ahead of Record-Breaking Losses

According to the report, $2.1 billion has already been stolen from exchange platforms and other crypto services in the first half of 2025, more than the entire amount stolen in all of 2024. If the trend continues, annual losses could approach portfolios held higher than $4 billion, surpassing the $3.7 billion lost in 2022, according to analysis.

North Korea Factor

This significant jump, Chainalysis noted, was partly driven by a $1.5 billion attack on Bybit hosted by North Korea’s Lazarus group in mid-February 2025. The damage from this single incident alone dwarfed theft from services in most of 2024.

Growing Attack Surface

Chainalysis research manager Thomas Jardine explains the persistent threat: “The underlying structural factors — growing adoption, more services, more individuals, and higher asset prices — mean that a compromise today results in higher losses.”

Bull Market Boosts Risk

The firm issues this warning at a time when the crypto industry experiences widespread optimism. Bitcoin recently approached new all-time highs, many altcoins are rising, institutional investment has surged, and preliminary evidence suggests former President Trump may soon approve new U.S. crypto legislation.

“As people adopt crypto more, you’re going to have more use cases, more services, and more personal wallets, which creates a larger victim pool,” Jardine added.

Tracking Methodology Advances

The report features a significant methodology upgrade, introducing enhanced tools for monitoring theft originating from personal wallets—nearly a quarter of final wallet value, or roughly $518 million, in the first six months of 2025.

Why the Trend?

Chainalysis attributes the rise to the expanding asset ecosystem. More crypto holders equates to more funds held in potentially vulnerable personal wallets. Service security has improved defensively.

“Services have continued to improve their security practices, making individuals a perceivably easier target,” states the report. Furthermore, threat actors appear to be employing increasingly sophisticated techniques.

Mainstreaming Crypto Crime

Data also indicates that personal wallet theft disproportionately affected DeFi, Solana, and newer network holders. “The growing number of crypto holders and the increased value held in personal wallets makes for a larger attack vector,” highlights the analysis.

Bitcoin Vulnerable

While representing the largest dollar value stolen, the concentration of Bitcoin in the broader crypto market may change. Nearly three-quarters of stolen assets in value effect are primarily Bitcoin, though the number of attacked chains and personal victim skew higher, suggesting diversification hasn’t yet stopped breaches.

Washing the Stolen

Methods of covering stolen funds vary based on sophistication. Criminals targeting exchanges often use complex bridges and mixers. Conversely, Theft from individual wallets frequently involved transfers to centralised exchanges, an incomplete obfuscation since platforms enforce KYC and other customer due diligence.

Lessons for Protectors and Users

Security recommendations for service providers focus heavily on code audits, employee screening against social engineering, and robust infrastructure.

Individual advice offers limited protection. Research before investing and diversification into multiple wallets can mitigate exposure, but no strategy is foolproof.

Jardine cautions: “Concentration is not good. So true to the ethos of crypto, decentralisation is ideal.”

Individuals should approach smart contracts with appropriate skepticism and avoid putting all assets into one electronic wallet, the data shows. Due diligence is the primary defense, but even legitimate access points can fail.