The cryptocurrency industry faced a turbulent July, with hackers and scammers siphoning at least $142 million across 17 major incidents, according to blockchain security firm PeckShield. This marks a 27.2% increase from June’s $111.6 million in losses largely driven by a $230 million exploit at Indian exchange WazirX.
The month’s largest breach targeted CoinDCX, another India-based exchange, which lost $44.2 million in a sophisticated attack. Described by CEO Sumit Gupta as a “server breach,” the incident involved cybercriminals using fraudulent part-time job offers to trick an employee into downloading malware, granting hackers access to steal 4,443 ETH and 155,830 SOL. Bengaluru police arrested a CoinDCX employee in connection with the hack, with investigations ongoing.
Decentralized exchange GMX suffered the second-largest loss, with $42 million stolen on July 11. In a rare turn, the attacker returned over 90% of the funds, including 10,000 ETH and 10.5 million FRAX, netting a profit due to ETH’s price surge. BigONE exchange wasn’t as fortunate, losing $28 million in a third-party attack on its hot wallet system on July 16. WOO X followed, losing $11.59 million on July 24 through a phishing campaign that compromised a team member’s device, allowing attackers to access the exchange’s development environment and siphon funds across Bitcoin, Ethereum, BNB, and Arbitrum chains. WOO X later reimbursed affected accounts from its treasury. Rounding out the top five, Future Protocol lost $4.7 million.
Rob Behnke, chair of blockchain security firm Halborn, noted a shift in attack vectors: “More high-value crypto attacks are now hitting offchain infrastructure rather than exploiting smart contract bugs.” This trend underscores the limits of smart contract audits, as hackers increasingly target human vulnerabilities and backend systems through social engineering.
July’s losses contribute to a grim 2025, with crypto thefts already surpassing 2024’s total by June’s end. At $142 million, July ranks as the fourth-worst month this year, trailing February’s staggering $1.53 billion, driven by a $1.2 billion Bybit hack. Other notable months include April ($357.1 million), May ($244.1 million), January ($87 million), March ($33 million), and June ($111.6 million). At this pace, 2025 is on track to be the worst year yet for crypto crime.
In a related development, an Arizona woman was sentenced to over eight years in prison for aiding North Korean operatives in a scheme that generated $17 million for the DPRK. By using stolen identities and fake documents, she helped secure remote IT jobs at over 300 U.S. crypto and tech firms, compromising 68 Americans’ identities.
