Despite a strong crypto market rally in July, the industry faced major hacks, with scammers stealing a total of $142 million in user funds. The $44 million exploit of crypto exchange CoinDCX accounted for the largest share of the losses.

Crypto hack losses reach $142 million in july

Earlier today, blockchain analytics firm PeckShield reported that crypto-related losses from hacks and exploits totaled $140 million in July 2025. This marks a 27% increase from the $111 million recorded in June.

See more

#PeckShieldAlert In July 2025, ~17 major crypto hacks were recorded, resulting in total losses of $142M—a 27.2% increase (from $111.6M in June). Notably, the #GMX exploiter has returned ~$40.5M worth of cryptos, including 10K ETH and 10.5M $FRAX.#Top5 Hacks in July 2025:… pic.twitter.com/Y5VLUILq5Z

— PeckShieldAlert (@PeckShieldAlert) August 1, 2025

Despite the month-on-month rise, losses were still 46% lower than in July 2024, when hackers stole $266 million. Back then, Indian crypto exchange WazirX contributed to most of the losses after facing a $230 million breach.

The PeckShield report also revealed that the $40 million exploit of the GMX decentralized exchange on July 11 was the second-largest hack after CoinDCX. However, the GMX hacker later reimbursed all funds.

CoinDCX has been in the spotlight recently amid rumors of a possible Coinbase takeover at a $900 million valuation. However, CoinDCX CEO Sumit Gupta denied these rumors, confirming that no takeover talks are underway.

Meanwhile, authorities arrested a CoinDCX employee on Thursday in connection with the hack, but further details have not been released.

In mid-July, crypto exchange BigONE experienced a third-party attack targeting its hot wallet infrastructure, losing a staggering $27 million in the process.

Similarly, on July 24, crypto trading platform WOO X became the third major victim in July after falling prey to a phishing attack, which resulted in an estimated $14 million loss.

In the case of WOO, the bad actors reportedly used social engineering tactics. Rob Behnke, chairman of blockchain security firm Halborn, said:

“In this case, the attacker used social engineering to compromise a team member’s computer. From there, they could pivot to the development environment and exploit trust in the system to drain user accounts. The attacker successfully performed multiple malicious transactions over the course of two hours before the suspicious activity was noticed and the platform disabled withdrawals.”

Hackers are targeting off-chain systems

Hackers are increasingly shifting focus from on-chain smart contract vulnerabilities to off-chain infrastructure, according to security expert Michael Behnke. Rather than exploiting contract code, attackers are now targeting backend systems and operational processes.

The trend reflects a growing sophistication among DeFi attackers, highlighting the need for projects to implement robust off-chain security controls.

next