Crypto Hacks Surge 27% in July, Reaching $142 Million as Security Threats Evolve
According to blockchain security startup PeckShield, the cryptocurrency market had a big rise in security breaches in July 2025. There were
Quick overview
- In July 2025, the cryptocurrency market experienced a significant rise in security breaches, with 17 large attacks resulting in losses of $142 million, a 27% increase from June.
- CoinDCX suffered the largest single loss of $44.2 million due to a sophisticated server breach involving social engineering tactics targeting employees.
- Other notable incidents included a $42 million hack of GMX, which saw a surprising recovery of most stolen assets, and a $28 million loss at BigONE due to a third-party attack.
- Experts are increasingly concerned about hackers shifting their focus from smart contract vulnerabilities to exploiting weaknesses in backend infrastructure and personnel processes.
According to blockchain security startup PeckShield, the cryptocurrency market had a big rise in security breaches in July 2025. There were 17 large attacks that cost a total of $142 million. This is a 27% rise from the $111.6 million in losses in June. It shows that security problems are getting worse as the digital asset ecosystem grows.
CoinDCX Suffers Largest Single Loss
CoinDCX, one of India’s biggest cryptocurrency exchanges, lost $44.2 million in what CEO Sumit Gupta called a “sophisticated server breach.” This was the worst thing that happened that month. But after extensive investigations by the Bengaluru police, they found a more concerning attack vector: social engineering aimed at employees of the company.
The incident started when hackers pretended to be recruiters offering fake part-time jobs to get a CoinDCX employee to download malware onto a business laptop. Hackers used this stolen access to empty the exchange’s operational wallet over the course of several hours on July 19, sending money to six different cryptocurrency wallets.
Police took Rahul Agarwal, a 30-year-old engineer at Neblio Technologies, the parent firm of CoinDCX, into custody in connection with the event. Investigators think Agarwal was an innocent victim who accidentally gave access through his hacked work device. However, this case has brought up serious concerns about the security measures used by major crypto sites.
Mixed Results for Other Major Incidents
The second-biggest hack of the month hit GMX, a decentralized perpetuals exchange, and took $42 million worth of assets. But this incident had a surprise good ending: just days after the attack, the attacker gave back over $40.5 million worth of cryptocurrency, including 10,000 ETH and 10.5 million FRAX tokens.
BigONE exchange lost $28 million, which was the third-largest loss, after a third-party attack on its hot wallet infrastructure on July 16. On July 24, hackers broke into the crypto trading platform WOO X and stole $12 million. They did this by utilizing social engineering techniques that were identical to those used against CoinDCX.
Rob Behnke, the chairman of the blockchain security company Halborn, said that the WOO X attack entailed hackers going after a team member’s cellphone to get into the development environment. “The attacker employed social engineering to get into a team member’s PC. “From there, they could switch to the development environment and use people’s trust in the system to steal money from their accounts,” Behnke said.
Shifting Attack Patterns Concern Experts
Security experts are worried about a trend in the July incidents: hackers are going after off-chain infrastructure and people instead of taking advantage of flaws in smart contracts. This change is a big step forward in the growth of crypto security threats because standard blockchain audits can’t find weaknesses in backend infrastructure and personnel procedures.
“Attackers don’t look for smart contract vulnerabilities that can be exploited; instead, they look for weaknesses in backend infrastructure and processes,” Behnke said. “As DeFi hackers become more skilled and focus more on backend systems and infrastructure, projects need to have strong security controls and processes in place to protect themselves from these threats.”
Industry Response and Recovery Challenges
Even if the losses in July were much higher than in June, they are still much lower than in 2024, when crypto breaches cost $266 million. The biggest loss from last year was a $230 million hack of the Indian exchange WazirX. This shows that the crypto business in the region still has a lot of security problems.
The CoinDCX event has led to a lot of discussion in the community on how open and honest exchanges should be. Some people say that the exchange waited 17 hours to tell the public about it. The corporation, on the other hand, has stressed that customer cash were safe during the whole thing, and that the company’s treasury covered the losses.
The chances of getting the stolen money back are still low. Law enforcement officials said that identifying and collecting bitcoin assets is “nearly impossible” when wallet operators in other countries won’t help with investigations. This shows how hard it is to deal with crimes involving cryptocurrencies.
- Check out our free forex signals
- Follow the top economic events on FX Leaders economic calendar
- Trade better, discover more Forex Trading Strategies
- Open a FREE Trading Account
Save