Hackers Steal $142M Across 17 Crypto Exploits in July 2025: PeckShield Report

Crypto platforms lost $142 million to hackers in July 2025, marking a 27% jump from June and spanning 17 confirmed exploits. Hackers struck exchanges like CoinDCX and GMX, often laundering funds within minutes.

Rising Crypto Hacks in July 2025

Major hacks surged again in July 2025. PeckShield, a blockchain security firm, logged $142 million stolen across 17 attacks, up 27% from $111.6 million in June. The total remains below July 2024’s $266 million haul but signals renewed threats to the sector.

CoinDCX suffered the single largest breach on July 19, losing $44.2 million after malware in a fake job offer compromised an employee’s system. That incident exposed gaps in internal security at a top Indian exchange. GMX’s v1 protocol lost $40.5 million on July 11. Attackers exploited smart-contract flaws, then returned nearly all funds days later – an unusual twist in hack dynamics.

BigONE, a smaller exchange, lost $27 million to a hot wallet breach on July 16. Hackers bypassed third-party infrastructure, showing how weak links in partners can endanger major platforms. Phishing hit crypto platform WOO X on July 24, draining $14 million from user wallets. That attack relied on social engineering to trick staff into authorizing transfers.

Beyond quantity, attackers sped up laundering. PeckShield notes that many stolen funds move through mixers within minutes, limiting recovery chances and raising urgency for faster incident response. The uptick signals the tactics evolution. Hackers now blend on-chain exploits with off-chain tricks. As platforms grow, so do their attack surfaces.

Anatomy of the Top Exploits

CoinDCX fell victim to a cunning malware campaign. Attackers sent a fake job offer by email. Once opened, the malware stole admin credentials and allowed $44.2 million of ETH, USDT and BNB to exit the exchange. The breach underscores the need for strict email filters and staff training.

GMX’s exploit highlights smart contract risks. Hackers found a code oversight in the v1 protocol. They drained 10,000 ETH and 10.5 million FRAX, then returned most funds via the same vulnerability. The reason for the return remains unclear, but it may be due to buyer’s remorse or pressure from heightened on-chain surveillance.

BigONE’s hot wallet hack shows how partner infrastructure can falter. The attacker accessed third-party keys and withdrew $27 million in multiple tokens. This case stresses the need for multi-party computation (MPC) and cold storage.

Phishing remains potent. WOO X staff reported a spoofed login page. An unsuspecting team member entered credentials, triggering $14 million in unauthorized transfers. Simple two-factor authentication could have blocked this move.

Smaller hacks also shaped July. SuperRare lost $730 000 in RARE tokens through a Merkle-root manipulation in its staking contract. That exploit reveals how a single missing authorization check can open gateways for huge token drains.

These incidents share common gaps: weak off-chain controls, single-point failures and slow response. Exchanges should adopt real-time monitoring, routine audits and employee simulations of phishing. Without these measures, even top firms stay at risk.

Preparing for the Next Wave

Hackers evolve fast. As platforms add new tokens and services, they widen attack surfaces. Security teams should map these areas and assign clear ownership for each component. On-chain analytics firms now offer real-time hack detection. Platforms can subscribe to alerts when large, risky transfers happen. Early warnings can save millions if teams act within minutes.

Partner risk grows with DeFi integrations. Firms must vet every protocol they connect to and enforce strict wallet segregation. Shared keys across services are a red flag. And employee training is vital. Phishing drills and simulated attacks reduce click rates. When staff know the risks, hackers lose easy entry points.

Finally, insurance products for crypto are maturing. While premiums remain high, they can cover losses when protocols fail. Firms should compare policies now to ensure coverage by next quarter.

As regulations tighten and blockchain analytics improve, the industry has more tools to fight back. But only firms that treat security as core, not an afterthought, will stay one step ahead. July crypto hacks underline one truth: no platform is too big to fail.