In 2026, cryptocurrency remains a widely discussed digital asset class despite ongoing security and regulatory concerns.The decentralised nature, liquidity, and potential for high returns have increased investor participation. However, the same factors that draw investors to the asset class also attract cybercriminals.
Hackers stole over £2.5 billion through crypto-related cybercrime globally in 2025. Crypto markets rely on openness and speed, which present plenty of opportunities for hackers. Additionally, no centralised body exists to report theft to. Despite the risk, investors consistently underestimate their exposure to cybersecurity threats.
The 2025 Bybit Hack and Its Significance
The biggest digital theft in history defined 2025. On the 21st of February, North Korean hackers known as the Lazarus Group compromised the Dubai-based exchange Bybit.
How the Hack Occurred
The hack occurred when Bybit was transferring Ethereum from a ‘cold’ wallet to a ‘hot’ wallet. The Lazarus Group successfully intercepted the transfer and diverted £1.1 billion worth of Ethereum to an unknown account.
The Aftermath
Bybit never recovered the Ethereum and had to replenish its wallets with emergency funds and loans from other exchanges. Despite the major hack, Bybit experienced growth in its user base, reaching 80 million by the end of 2025.
However, smaller platforms may not have the financial backing or liquidity to cover such big losses. Throughout crypto’s history, many exchanges have filed for bankruptcy after attacks — Mt. Gox, Cryptopia, and YouBit, to name a few.
While some investors have had their crypto reimbursed in the years since, many are still waiting. Should a hack of a similar scale occur in 2026, investors may lose their crypto for good.
2025 Breach and Fraud Data
The Bybit hack accounted for 41% of all crypto lost in 2025. Numerous breaches, scams, and other exploits accounted for the remaining losses.
Exchange and Infrastructure Attacks
Bybit may have received the most coverage, but there were hundreds of other significant platform attacks.
According to CertiK, the Web3 sector experienced an estimated 630 security incidents in 2025. Interestingly, there were 137 fewer incidents in 2025 than in 2024. However, the cost per incident increased by 66.6% year-over-year. The statistics suggest that hackers are carrying out targeted, high-value attacks.
The most effective protection against exchange-level attacks is limiting how much crypto sits on any one platform at a given time. Before choosing a platform, it might be worth checking whether it holds insurance against security incidents, too.
Phishing and Social Engineering
An AMLBot study found that 65% of the 2,500 incidents investigated were human-targeted attacks.
For phishing scams, hackers don’t need to identify infrastructure weaknesses. Instead, they use social engineering schemes to manipulate users into sending them crypto.
Specifically, scammers impersonate crypto exchange support teams. They send fraudulent messages and even set up fake websites. The messages normally carry a sense of urgency, telling users that their ‘account is at risk’, for example.
The hacker then asks the user to log in to their account on a fake website. Once they log in, the hacker steals the user’s login credentials and drains their crypto wallet.
To protect yourself, never act on unsolicited messages claiming an account is at risk. When in doubt, open the exchange directly by typing the URL into the browser rather than clicking through. A good tip is to bookmark official exchange URLs, which removes the risk of landing on a convincingly similar fake domain.
Wallet Compromise and Private Key Theft
Chainalysis reported that personal wallet compromise accounted for 23.35% of stolen funds.
Wallet compromise isn’t always a result of successful phishing campaigns. Poor password hygiene and insecure data storage have also contributed to the growing number of wallet hacks.
Wallet owners who use the same password across multiple exchanges are vulnerable to attacks. Hackers can guess passwords through credential stuffing or obtain them through data leaks. Once they access one account, they can often unlock others. They can also bypass two-factor authentication measures and access crypto wallets. From there, hackers can steal private keys and transfer funds without restrictions.
Using strong, unique passwords and enabling two-factor authentication reduces exposure considerably. Encrypting internet traffic with a VPN (Virtual Private Network, meaning a service that masks connection data) adds another layer. A VPN can be particularly useful when accessing accounts from networks outside a trusted home connection.
Smart Contract Vulnerabilities and Decentralised Finance Exploits
Exploiting smart contract vulnerabilities was once the dominant form of crypto cybercrime. At the start of the decade, decentralised finance was expanding rapidly. Developers often prioritised speed over security when launching new protocols and hackers could easily take advantage of logic errors and flaws in protocol code.
Today, more rigorous testing and auditing take place, and smart contract failures are less common. Hackers are instead using infrastructure, phishing, and social engineering attacks.
However, smart contract bugs remain a recognised source of crypto-related losses. In 2025, they accounted for 10% of all losses.
Cybersecurity Limitations Are the Biggest Crypto Risk of Today
When crypto was first launched, volatility was the biggest concern. Then, smart contract vulnerabilities became the primary risk. While both remain relevant, cybercrime dominates the headlines today. 2025 saw the biggest digital theft in history. It also witnessed numerous exchange attacks, phishing attacks, and wallet compromises.
Crypto cybercrime cost investors billions of pounds last year. Recovery mechanisms remain limited, which can make losses permanent. Cybersecurity should, therefore, be a key component in any crypto investment decision.
