Crypto thefts April 2025 soared to $364 million, marking a 12-fold increase from the previous month, according to blockchain security firm CertiK. In March, hackers stole $28.8 million. April’s spike was driven by a combination of phishing scams and DeFi protocol exploits.
Phishing Scam Drives Record Losses
On April 30, a massive crypto phishing attack targeted a senior American citizen. The attackers stole $330.7 million in Bitcoin by manipulating the user into revealing wallet access. Excluding that incident, crypto thefts April 2025 still reached $33.3 million — 15.6% higher than March.
DeFi Exploits and White Hat Interventions
Several DeFi startups, including KiloEx, Loopscale, and zkSync, also suffered breaches. Notably, these attacks were performed by white hat hackers who later returned $18.2 million. As compensation, KiloEx paid $750,000, Loopscale gave $580,000, and zkSync awarded $500,000.
These events underscore the need for improved DeFi security and ongoing bug bounty programs.
February Still Worst Month for Crypto Security
Despite April’s figures, February 2025 remains the worst month so far. North Korea’s Lazarus Group stole $1.4 billion in Ethereum from Bybit, contributing to a $1.53 billion monthly loss. That breach remains the most costly in crypto history.
CertiK Report Warns of Growing Risks
The CertiK report urges exchanges and developers to take stronger measures. The April data reflects ongoing threats from phishing and DeFi vulnerabilities. As crypto adoption spreads, experts warn that platforms must prioritize education and proactive defense.
Crypto thefts April 2025 show that even as the market matures, digital assets remain at high risk from sophisticated attacks.
