- August saw $163M lost in crypto hacks, marking a 15% rise from July’s total losses.
- A single Bitcoin holder lost $91M in a social engineering scam on August 19.
- Turkish exchange BtcTurk suffered a second major breach, losing over $48M in assets.
The cryptocurrency sector faced another challenging month in August 2025 as cyberattacks increased by 15% compared to July. Data released by blockchain security firm PeckShield indicates that $163 million was stolen across 16 major exploits. These breaches primarily targeted centralized exchanges, decentralized finance protocols, and individual holders. The average loss per incident was significantly higher, reflecting the increasing sophistication of attackers.
This made August the third-worst month for crypto-related security incidents in 2025. It was surpassed only by February and May, which saw similarly high-value breaches. Analysts noted a concerning shift towards more elaborate social engineering schemes and multi-chain technical exploits. State-backed groups, including the Lazarus Group, were reportedly active in some laundering patterns, complicating asset recovery.
Major Incidents: From Exchange Breaches to Personal Losses
The most severe attack involved a long-time Bitcoin holder who lost 783 BTC, worth $91.4 million, on August 19. The attacker impersonated a support agent from a hardware wallet provider and tricked the victim into sharing private credentials.
Turkish exchange BtcTurk was also a victim of a large-scale breach, losing between $48 million and $54 million. It was the second major hack in 14 months on the platform that has cost the site more than $100 million. Cyvers, a cybersecurity company, reported the incident as a multi-chain attack on Ethereum, Arbitrum, Avalanche, and other networks.
Decentralized financial protocol BetterBank.io lost $5 million in a multifaceted security breach of its ESTEEM reward system. One of the hacks involved a synthetic token, where hackers developed a counterfeit ERC20 version and used it to control reward systems, effectively transforming synthetic assets into real ones. Then they deposited nearly one million ETH in the Ethereum network and laundered it via Tornado Cash.
Further Exploits and Systemic Vulnerabilities
The hackers stole 58.2 BTC, valued at $7 million, from the memecoin platform Odin.fun, in less than two hours. They carried out a liquidity manipulation attack on a low-value token called SATOSHI. Bodily, the co-founder, corroborated this and declared an audit and compensation program.
CrediX Finance suffered a $4.5 million exploit on August 4 due to a multisignature wallet compromise. Initially, the protocol claimed negotiations were underway to retrieve stolen funds. However, by August 8, the development team had deleted all public accounts and disappeared, revealing the incident as an exit scam. The stolen funds were ultimately moved to Tornado Cash.
The majority of these attacks involved access control failures and social engineering tactics. According to PeckShield, over 78% of the year’s hacks exploited private key exposure and inadequate wallet security. Social engineering accounted for another 23% of the losses.
Related: Crypto Hacks Hit $2.1B in H1 2025 as Infrastructure Breaches Rise
Crypto-Linked Kidnappings Surge in France
Physical violence related to crypto also continued in a disturbing pattern. A former crypto trader in Paris was kidnapped and held to a EUR10,000 ransom on August 28. This was the tenth abduction that was related to cryptocurrencies in France this year alone.
The French authorities have associated these offences with organized crime gangs attacking crypto holders. In one instance, the suspects attempted to abduct the family of a crypto executive with the help of a fake delivery van. One of the suspects was arrested by Interpol in Tangier on a Red Notice, and another one remains at large.
France now accounts for nearly one-third of all physical attacks on crypto users worldwide in 2025. The authorities caution that the nation has turned into a haven of so-called wrench attacks, in which the perpetrator inflicts violence to gain access to a wallet.
