Following a string of staggering cryptocurrency hacks between January 1 and March 31, 2025 promises to be a particularly damaging year in terms of digital asset theft.
More than $1.77 billion was stolen in the first quarter (Q1) of the year, according to Finbold’s Q1 2025 Cryptocurrency Market Report, which assembled figures using data retrieved from hacks tracked by blockchain security firm SlowMist.
The figures are made even more staggering by the fact that a singular attack accounts for nearly 85% of all the value stolen. Indeed, in February 2025, a Bybit cold wallet with approximately $1.5 billion worth of Ethereum (ETH) was spirited away by an unknown assailant.
Along with representing the lion’s share of cryptocurrency stolen in Q1, 2025, the Bybit hack is larger than the total taken in the first half of 2024 – $1.38 billion – and is three times larger than the total for the first quarter of 2023 – $452 million, putting 2025 on track to be a record-breaking year for cryptocurrency hacks with several high-profile incidents already.
The rug pull endorsed by a President
Though the sheer scale of the Bybit hack is staggering, it arguably wasn’t the most shocking event of the first quarter. The Libra (LIBRA) rug pull, which saw the loss of approximately $100 million, involved the Argentinian President Javier Milei.
In the early months of 2025, Milei began promoting LIBRA and the associated blockchain as a way to invest in the country. Though he appears to have been uninvolved with the scam itself, he has remained unapologetic.
Another prominent figure involved with the scandal and paid to promote the cryptocurrency ahead of the rug pull was Dave Portnoy, founder of Barstool Sports, who himself lost more than $5 million when the meme coin crashed.
Though by no means negligible, the other hacks and attacks of the quarter with known losses pale in comparison both in terms of total assets and in terms of the shock factor.
Developer that kept backdoor access
Infini, a Hong Kong stablecoin neobank, suffered a $50 million loss in late February as the assailant abused the administrative privileges they retained.
The attacker is alleged to have previously helped develop the contract for the company, only to secretly keep undue privileges and drain the funds using the famous cryptocurrency mixer Tornado Cash.
Contract vulnerabilities help disappear 10,000 ETH
Elsewhere, the fourth and fifth largest cryptocurrency heists of the quarter both involved the abuse of contract vulnerabilities.
In late March, an attacker exploited a weakness in Abracadabra Money’s smart contracts to drain 6,262 ETH – worth approximately $13 million at the time – from the liquidity pool. In early February, another assailant utilized a rounding bug to drain a zkLend of 3,600 ETH worth $9.6 million.
Lastly, it is worth noting that Finbold’s Q1 2025 Cryptocurrency Market Report is based on incidents with known values, meaning that the actual total likely exceeds the known total of $1.77 billion.
Featured image via Shutterstock
