The Biggest Attacks in Decentralized Finance History: Breaking Down the Biggest Smart Contract and Bridge Hacks From The DAO to Cetus: How Smart Contract Bugs and Outdated Code Cause Hundreds of Millions of Dollars in Losses

24.07.2025

The cryptocurrency industry suffered record losses from hacks and fraud in the first half of 2025: more than $3.1 billion, already exceeding the total for the whole of 2024 ($2.85 billion), according to analysts at Hacken [8].

The main causes of these losses were access control failures, smart contract bugs, and fraudulent schemes. Access control exploits alone accounted for 59% of total losses, which shows that this area remains the weakest point of the crypto industry. Smart contract vulnerabilities caused $263 million in losses, about 8% of the total [7].

The biggest incident of the first half of 2025 was the February hack of the crypto exchange Bybit, in which attackers stole $1.5 billion. Although considered exceptional, it has become a symbol of the market's ongoing security problems [7].

Hacken's report also notes an attack on an outdated version of the GMX v1 protocol at the start of Q3 2025. Egor Ruditsa, head of forensics at Hacken, pointed out that projects must keep maintaining and updating any codebase that has not been fully decommissioned, to reduce the risk of attacks that exploit vulnerabilities in older software [7].

There is also a shift in attacker tactics from purely technical exploits to methods that target the human factor: blind-signing attacks, private key leaks, and sophisticated phishing campaigns. This confirms that access control and the security of human interaction need serious strengthening across the crypto ecosystem [7].

The reports pay particular attention to DeFi (decentralized finance) and CeFi (centralized finance), where most of the losses are concentrated: $1.83 billion across these two segments. The Q2 2025 hack of the Cetus protocol drew considerable attention: $223 million was stolen in about 15 minutes, the largest DeFi incident since the beginning of 2023, ending a five-quarter run of declining losses in this area [7].

The Cetus attack was caused by a faulty overflow check in the liquidity calculation. Hacken's analysts noted that real-time TVL (Total Value Locked) monitoring with an automatic pause could have prevented up to 90% of the losses from incidents of this kind, underlining the need for better runtime defences in DeFi [7].

Another significant trend in 2025 is the growing threat to crypto security from artificial intelligence (AI). The integration of AI and large language models (LLMs) into Web2 and Web3 ecosystems has opened new attack vectors. AI exploits have increased by 1025% compared to 2023, with 98.9% of them involving insecure APIs. Around 34% of Web3 projects already run AI agents in production, making them attractive targets [7].

At the same time, traditional security standards such as ISO/IEC 27001 and the NIST frameworks have not yet been adapted to AI-specific risks such as model hallucinations and data poisoning. This adds to the difficulty of protecting crypto infrastructure as AI adoption accelerates [7].

Hacken's data therefore paints a clear picture: in 2025 the crypto industry is going through its worst period yet for losses from hacks and fraud. The main problems are access control failures, smart contract vulnerabilities, and the emerging threat of AI exploits. Attacks on the human factor and on legacy code call for a comprehensive approach to security: keeping protocols updated, training users, and monitoring activity.

These facts show that, despite the continued growth of the crypto market, security remains crucial for stability and for the trust of investors and users. Only comprehensive and timely work on these weaknesses can reduce risk and ensure the industry's sustainable development.

What are the main reasons for such large-scale losses in the crypto industry in 2025?

The main reasons for large-scale losses in the crypto industry in 2025 were:

  • Access control vulnerabilities remain the weakest point of the crypto industry, accounting for 59% of all losses. They include private key leaks, blind-signing attacks, and sophisticated phishing campaigns that exploit human error.
  • Bugs and vulnerabilities in smart contracts, which caused about $263 million in losses (8% of the total). Particularly notable are smart contract exploits against DeFi protocols, such as the $223 million Cetus hack.
  • Exploitation of outdated code bases that are no longer maintained, as in the attacks on the outdated GMX v1 contracts.
  • A shift by attackers towards human-factor attacks (social engineering, phishing, and key leaks), which compounds the access control problem.
  • New threats from artificial intelligence (AI). AI-based attacks have increased by 1025% compared to 2023, the majority of them involving insecure APIs. The integration of AI and large language models into Web3 creates new vulnerabilities that traditional security standards have not yet fully addressed.
  • Major one-off incidents, such as the $1.5 billion hack of the Bybit exchange in February 2025, which alone accounts for a large share of the total loss figure.

Taken together, these factors pushed industry losses above $3.1 billion in the first half of 2025, already more than the losses for the whole of 2024 [5].

Why Access Control Vulnerabilities Remain the Top Threat to Crypto Assets

Access control vulnerabilities remain a major threat to crypto assets for several key reasons:

  • First, access control is where human factors and technical systems meet, and this is where private key leaks, permission management errors, phishing, and other social engineering techniques occur. Such errors or abuses give attackers full access to users' or platforms' crypto assets [6].
  • Second, the endpoints of the blockchain, such as wallets (especially hot wallets), exchanges, and APIs, remain weak points through which attacks arrive. Even if the blockchain network itself is highly secure, these entry and exit points are exposed to hacking and fraud, which makes access control critical to asset protection [5].
  • Third, attackers are actively moving from technical exploits to the human factor, using blind-signing attacks, phishing, and key leaks, which makes the access control problem worse. Technical controls are often ineffective unless access control and user training are strengthened alongside them [2].
  • Additionally, major incidents such as the $1.5 billion Bybit attack have shown that access controls can remain weak even at large platforms, leading to large-scale losses [2].
  • Finally, defending against access control vulnerabilities requires layered measures: multi-factor authentication, cold storage of keys, regular code updates and maintenance, activity monitoring, and resistance to social engineering. Without continuous improvement in these areas, the risk of compromise remains high [6].

Access control therefore remains the main threat to crypto assets: it is the junction where technical and human risks mix, and where attackers can do the most damage. Without effective access control, reliable security of crypto transactions and assets cannot be ensured.

How attacks on outdated versions of smart contracts affect project security

Attacks on outdated versions of smart contracts significantly worsen the security of projects for several reasons:

  • Unpatched vulnerabilities and bugs: smart contracts are immutable once deployed, so bugs discovered later cannot be fixed in place. Outdated versions often contain long-known vulnerabilities that attackers exploit to steal funds.
  • Lack of support and updates: if projects do not maintain and update their smart contracts, newly discovered risks and bugs remain unpatched. Attackers actively hunt for such vulnerable versions because they are easier to exploit, as in the attacks on the outdated GMX v1 contracts in Q3 2025.
  • Complexity of updating: because contracts are immutable, upgrading requires special patterns (for example, proxy contracts), which can themselves introduce new vulnerabilities if implemented incorrectly. A bug introduced by an upgrade has already caused major losses (Nomad), and a fix that has been published but not yet deployed on-chain is itself a window of exposure (Wormhole).
  • Increased risk from human error: legacy code often comes with insufficient documentation and weak access controls, which makes social engineering, including phishing and blind signing, easier, especially if the project no longer maintains current security measures.
  • Example from 2025: Egor Ruditsa (Hacken) cited the attacks on the outdated version of GMX v1 as evidence that code must be continually updated and maintained to minimise the risk of hacks and losses.

Thus, attacks on outdated smart contracts affect the security of projects by creating weak points that are actively exploited by hackers, leading to significant financial losses and undermining user trust. To reduce these risks, it is important for projects to regularly update and audit their contracts, use modern secure development patterns, and ensure comprehensive access control protection.

These facts confirm that neglecting to maintain outdated versions of smart contracts is one of the main reasons for hacks and losses in the crypto industry in 2025 [6][7].

What are some examples of major attacks on legacy smart contracts?

Notable examples of major attacks on outdated smart contracts include the following:

  1. The DAO (2016) is one of the most famous hacks in blockchain history: a reentrancy vulnerability in the smart contract let an attacker repeatedly call the withdrawal function before the balance was updated. More than 3.6 million ETH were drained, causing a major crisis in the Ethereum ecosystem and leading to a fork of the network [1].
  2. Parity Wallet (2017): a vulnerability in the Parity multisig wallet library (version 1.5+) let attackers take ownership of wallet contracts and steal more than 150,000 ETH (about $30 million at the time). The cause was an initialisation function in the wallet library code that could be called again after deployment [3].
  3. Wormhole (2022): a fix for the vulnerable code had been published in the project's repository but had not yet been deployed on-chain. An attacker exploited the still-deployed contract and minted about 120,000 wETH (roughly $325 million at the time) without collateral [5].
  4. Nomad Bridge (2022): a small bug introduced in an upgrade meant that the bridge's Replica contract did not properly verify messages, allowing attackers to withdraw around $190 million [5].
  5. Cetus (2025): a faulty overflow check in the liquidity calculation of a decentralized exchange allowed $223 million to be stolen in about 15 minutes. Real-time monitoring with an automatic pause could have limited the damage.

These examples confirm that outdated or poorly maintained smart contracts, whose vulnerabilities are not closed by timely updates and audits, remain a profitable target for attackers and lead to significant financial losses [5].

The DAO Hack of 2016: An Analysis of the Biggest Incident in Blockchain History

Introduction

In 2016, the crypto industry faced one of its most high-profile and instructive hacks: the attack on the decentralized autonomous organization The DAO. The incident not only catalysed important changes in the Ethereum ecosystem but also exposed a fundamental class of smart contract vulnerability that is still relevant today.

What is The DAO?

The DAO (Decentralized Autonomous Organization) was a project on the Ethereum network whose goal was a fully decentralized venture fund governed by smart contracts. In a short time it raised around 12 million ETH, then worth about $150 million, making it the largest crowdfunding project of its era.

Vulnerability: reentrancy attack

The DAO's key vulnerability was in its withdrawal logic. The contract sent ETH to the caller through an external call before it zeroed the caller's internal balance, so the recipient could call the withdrawal function again before the balance had been updated.

Attack mechanism:

  • When a participant requested a withdrawal, the contract first sent the funds to the requesting address via an external call.
  • The participant's internal balance was zeroed only after that call returned.
  • Because an external call hands control to the recipient, an attacker's specially prepared contract could call the withdrawal function again from inside the transfer, while the original withdrawal was still in progress and the balance had not yet been updated.

By repeating this recursive withdrawal, the attacker drained more than 3.6 million ETH in a short period, roughly a third of all the assets held by The DAO at the time.

The Aftermath: A Crisis of Trust and the Ethereum Fork

Extent of damage:

  • More than 3.6 million ETH were transferred to the attacker’s address.
  • The incident immediately undermined confidence in the security of smart contracts, and the Ethereum market capitalization dropped.

Community decision:

  • A heated debate ensued between proponents of blockchain immutability and those who insisted that the funds be returned.
  • As a result, a hard fork was carried out and the Ethereum network split into two chains:
    • Ethereum (ETH), the main chain, where an irregular state change at the fork block moved the DAO's funds (including the attacker's child DAO) into a withdrawal contract so that investors could recover them; past blocks were not rewritten.
    • Ethereum Classic (ETC), which kept the original state, where the funds remained with the attacker.

This remains the best-known case in which the community of a major blockchain decided to override the outcome of transactions in order to undo a theft.

Impact on the industry and modern lessons

  • The DAO hack was a turning point that spurred the growth of smart contract auditing firms, security monitoring communities, and coding patterns that eliminate reentrancy.
  • Most modern contracts follow the checks-effects-interactions pattern, updating balances before sending funds, and many also use an explicit reentrancy guard.
  • The DAO case remains a key argument for independent code audits, bug bounties, and thorough testing of smart contracts before public launch.
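The withdrawal flaw and the checks-effects-interactions fix described above, modelled in Python as an added example (this is not The DAO's code; the vault, attacker and amounts are constructed). The external call is modelled as a Python method that hands control to the recipient before returning, which is exactly the window the attacker used:

```python
"""Reentrancy against a vault that sends before it updates state.

Two toy "contracts": a vault that tracks balances, and an attacker whose
receive hook re-enters withdraw() while the vault's balance update is still
pending. VulnerableVault sends first and updates last; SafeVault follows
checks-effects-interactions and also carries a reentrancy guard.
"""


class Bank:
    """Shared bookkeeping for both vault variants."""

    def __init__(self):
        self.balances = {}   # account -> credited units
        self.eth = 0         # units the vault actually holds

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.eth += amount

    def _send(self, who, amount):
        # Models an external call: value moves, then the recipient runs code.
        assert self.eth >= amount, "vault drained below zero"
        self.eth -= amount
        if hasattr(who, "on_receive"):
            who.on_receive(self, amount)


class VulnerableVault(Bank):
    def withdraw(self, who):
        amount = self.balances.get(who, 0)
        if amount == 0:
            return
        self._send(who, amount)      # interaction first ...
        self.balances[who] = 0       # ... effect last: re-entrant calls still see the old balance


class SafeVault(Bank):
    def __init__(self):
        super().__init__()
        self._locked = False

    def withdraw(self, who):
        if self._locked:                         # reentrancy guard
            raise RuntimeError("reentrant call rejected")
        self._locked = True
        try:
            amount = self.balances.get(who, 0)   # check
            self.balances[who] = 0               # effect
            if amount:
                self._send(who, amount)          # interaction
        finally:
            self._locked = False


class Attacker:
    """Re-enters withdraw() from the receive hook until the vault is empty."""

    def __init__(self, limit=10):
        self.received = 0
        self.limit = limit   # caps the recursion so the demo terminates

    def on_receive(self, vault, amount):
        self.received += amount
        self.limit -= 1
        if self.limit > 0 and vault.eth >= amount:
            try:
                vault.withdraw(self)
            except RuntimeError:
                pass         # SafeVault's guard fires here


def run(vault_cls, honest_deposits=90, attacker_deposit=10):
    """Returns (units the attacker ended up with, units left in the vault)."""
    vault = vault_cls()
    vault.deposit("alice", honest_deposits)     # constructed honest depositor
    attacker = Attacker()
    vault.deposit(attacker, attacker_deposit)
    vault.withdraw(attacker)
    return attacker.received, vault.eth


if __name__ == "__main__":
    print("vulnerable:", run(VulnerableVault))   # attacker takes everyone's funds
    print("safe:      ", run(SafeVault))         # attacker gets only its own deposit
```

With a 10-unit deposit the attacker empties the vulnerable vault of all 100 units, because every nested call reads the not-yet-zeroed balance; against the safe vault the nested call is rejected and the attacker receives exactly its own 10 units.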

Conclusion

The 2016 DAO hack demonstrated how a single critical bug in a smart contract can impact the entire industry. It remains a major historical lesson for all blockchain developers and users, illustrating the need for a comprehensive approach to the security of decentralized financial instruments and smart contract development.

The Parity Multisig Wallet Hack of 2017

In 2017, the crypto industry experienced one of the most significant incidents involving the security of Ethereum smart contracts and wallets: the hack of the Parity multisig wallet. It became the "second largest attack in the history of the Ethereum network" by funds stolen and showed how critical bugs can be even in popular, actively used software.

The hack exploited a vulnerability in the Parity wallet library (version 1.5 and above) used by its multisig wallets. The initialisation routines of these contracts had no guard restricting them to a single execution: the developers provided no mechanism to ensure that the setup procedure ran only once. The attacker could therefore call the initialisation function (initWallet) again on an already deployed wallet, make himself its owner, and gain full control over it [7].

The attacker then used these newly acquired rights to transfer the funds to his own address. In total, more than 153,000 ETH, worth around $30 million at the time, were stolen [2]. The funds were held in several multisig contracts of the kind often used to hold ICO proceeds and project treasuries.

The Parity team publicly acknowledged the severity of the bug, noting that two key functions intended to run only once at wallet creation could, for lack of proper protection, be called again. This let the attacker overwrite the owner parameters and gain access to the funds [1].
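The re-initialisation flaw described above, modelled in Python as an added example (not Parity's code). The names init_wallet, execute and the wallet fields are illustrative, and the confirmation flow is simplified: transfers within the daily limit execute at once for any owner, larger ones are refused outright. The guarded variant is the pattern now used for proxy initialisers: record that setup has run and refuse a second call.

```python
"""Re-runnable initialisation: the Parity wallet pattern, simplified."""


class UnguardedWallet:
    def __init__(self, owners, required, daily_limit):
        self.balance = 153_000                              # constructed balance
        self.init_wallet(owners, required, daily_limit)     # meant to run once, at deployment

    def init_wallet(self, owners, required, daily_limit):   # ... but callable by anyone, any time
        self.owners = set(owners)
        self.required = required
        self.daily_limit = daily_limit

    def execute(self, caller, to, value):
        if caller not in self.owners:
            raise PermissionError("not an owner")
        if value > self.daily_limit:
            raise PermissionError(f"needs {self.required} confirmations")
        self.balance -= value
        return (to, value)


class GuardedWallet(UnguardedWallet):
    def init_wallet(self, owners, required, daily_limit):
        if getattr(self, "_initialised", False):            # one-shot guard
            raise PermissionError("already initialised")
        self._initialised = True
        super().init_wallet(owners, required, daily_limit)


def takeover(wallet_cls, attacker="mallory"):
    """Re-run setup to become sole owner with no limit, then drain the wallet."""
    wallet = wallet_cls(owners={"alice", "bob", "carol"}, required=2, daily_limit=100)
    try:
        wallet.init_wallet(owners={attacker}, required=1, daily_limit=2**256 - 1)
        return wallet.execute(attacker, attacker, wallet.balance)
    except PermissionError as exc:
        return str(exc)


if __name__ == "__main__":
    print("unguarded:", takeover(UnguardedWallet))   # ('mallory', 153000)
    print("guarded:  ", takeover(GuardedWallet))     # 'already initialised'
```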

The incident caused a stir in the crypto community and drew attention to the security of smart contracts and multisig wallets. Following the hack, Parity issued a warning recommending that all owners of funds in vulnerable wallets immediately move their assets to safer addresses [7].

Later, on November 6, 2017, a related incident occurred: the shared Parity wallet library contract was destroyed, freezing approximately $154 million held in multisig wallets created after July 20, 2017. The library itself had been left uninitialised; a user called its initialisation function, became its owner, and then invoked its self-destruct (kill) function. This further heightened security concerns and sparked discussion of a possible Ethereum hard fork to unlock the assets [5].

Taken together, these events highlighted serious shortcomings in the development and testing of smart contracts early in the Ethereum ecosystem. They were important lessons for the industry, highlighting the need for careful code auditing, strong controls and security, and a cautious approach to the use of multi-signature and other complex contracts to store crypto assets.

Thus, the Parity Wallet hack in 2017 is a reliable example of how errors in smart contracts can lead to large-scale financial losses and undermine user trust. It is on the basis of such precedents that modern security practices in the crypto world are built today.

Key facts:

  • The vulnerability was in the Parity wallet library version 1.5+ used by multisig wallets [7].
  • The attacker called the wallet initialisation function (initWallet) a second time and became the contract's owner [1].
  • As a result, more than 153,000 ETH (about $30 million at the time) were stolen [2].
  • Parity confirmed the critical nature of the bug and recommended that users move their funds [7].
  • In November 2017, about $154 million was frozen when the shared library contract was destroyed [5].
  • These incidents were among the largest in Ethereum's history and had a significant impact on the development of security practices [3].


The Wormhole attack of 2022: a demonstration of the dangers of outdated smart contracts and the difficulty of maintaining security in a rapidly evolving industry

In February 2022, Wormhole, a cross-chain bridge for moving assets between Ethereum and Solana (among other networks), fell victim to one of the largest attacks in the history of decentralized finance (DeFi). The attacker exploited a vulnerability in the deployed Wormhole program for which a fix had already been written but not yet deployed, and minted approximately $325 million worth of wETH (wrapped Ether) [5].

Description of vulnerability and attack mechanism

The problem lay in signature verification during confirmation of cross-chain messages, the so-called VAAs (Verified Action Approvals). Wormhole's Solana program used the deprecated load_instruction_at function to read the instruction preceding its own, which was expected to be a call to the Secp256k1 signature verification program (which checks elliptic curve signatures). That deprecated function does not verify that the account it is handed is really the Instructions sysvar, the system account that holds the transaction's instructions; its replacement, load_instruction_at_checked, does.

The attacker therefore passed a fake account in place of the real sysvar, containing a crafted record that looked like a successful Secp256k1 verification, and so bypassed the signature check. This let him get the program to accept a forged VAA, in effect a document that the Wormhole protocol treats as valid authorisation to mint tokens.

With this fake VAA the attacker called complete_wrapped, the function the Wormhole program uses to mint wETH on the Solana side, without any real collateral locked on Ethereum. In this way 120,000 wETH, worth about $325 million, were minted and stolen [5].
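The unchecked sysvar read described above, modelled in Python as an added example (not Wormhole's code). The Instructions sysvar and secp256k1 program addresses are the real Solana ones; the Instruction shape, the dict-based "accounts", the bridge program id and verify_signatures are a simplified model (the real secp256k1 instruction carries offsets and raw signatures, not a ready-made hash). The two loaders reproduce the difference between the deprecated and the checked variant:

```python
"""Deprecated vs checked instruction loading, and why the difference mints tokens."""
from dataclasses import dataclass

SYSVAR_INSTRUCTIONS = "Sysvar1nstructions1111111111111111111111111"   # real Solana sysvar id
SECP256K1_PROGRAM = "KeccakSecp256k11111111111111111111111111111"     # real Solana program id
BRIDGE_PROGRAM = "BridgeProgram111111111111111111111111111111"        # constructed placeholder


@dataclass
class Instruction:
    program_id: str
    data: dict


def load_instruction_at(index, account):
    """Deprecated behaviour: trusts whatever account the caller supplied."""
    return account["instructions"][index]


def load_instruction_at_checked(index, account):
    """Hardened behaviour: the account must really be the Instructions sysvar."""
    if account["address"] != SYSVAR_INSTRUCTIONS:
        raise ValueError("account is not the Instructions sysvar")
    return account["instructions"][index]


def verify_signatures(loader, sysvar_account, current_index, vaa_hash):
    """The instruction right before this one must be a secp256k1 check over vaa_hash."""
    prev = loader(current_index - 1, sysvar_account)
    if prev.program_id != SECP256K1_PROGRAM:
        raise ValueError("preceding instruction is not a secp256k1 verification")
    if prev.data.get("message_hash") != vaa_hash:
        raise ValueError("secp256k1 instruction does not cover this VAA")
    return True


def try_mint(loader, sysvar_account, vaa_hash):
    """Returns 'minted' when verification passes, otherwise the rejection reason."""
    try:
        verify_signatures(loader, sysvar_account, current_index=1, vaa_hash=vaa_hash)
        return "minted"
    except ValueError as exc:
        return f"rejected: {exc}"


FORGED_VAA_HASH = "c0ffee" * 8   # constructed stand-in for a VAA nobody signed

# Constructed: the genuine sysvar for the attacker's transaction. Index 0 is an
# unrelated system transfer, index 1 is the verify_signatures call itself; no
# secp256k1 verification ever ran.
REAL_SYSVAR = {
    "address": SYSVAR_INSTRUCTIONS,
    "instructions": [
        Instruction("11111111111111111111111111111111", {"transfer": 1}),
        Instruction(BRIDGE_PROGRAM, {"verify_signatures": True}),
    ],
}

# Constructed: an attacker-owned account whose contents claim a verification happened.
FAKE_SYSVAR = {
    "address": "AttackerControlledAccount111111111111111111",
    "instructions": [
        Instruction(SECP256K1_PROGRAM, {"message_hash": FORGED_VAA_HASH}),
        Instruction(BRIDGE_PROGRAM, {"verify_signatures": True}),
    ],
}


if __name__ == "__main__":
    for name, loader in (("deprecated", load_instruction_at),
                         ("checked", load_instruction_at_checked)):
        print(name, "real sysvar:", try_mint(loader, REAL_SYSVAR, FORGED_VAA_HASH))
        print(name, "fake sysvar:", try_mint(loader, FAKE_SYSVAR, FORGED_VAA_HASH))
```

Only the combination of the deprecated loader and the attacker's fake account yields "minted"; with the real sysvar the check fails regardless of loader because no secp256k1 instruction ran, and the checked loader rejects the fake account before it reads anything.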

Chronology and consequences

  • The attack took place on February 2, 2022, in the evening UTC.
  • After minting 120,000 wETH, the attacker bridged a large portion (about $80 million) to Ethereum and began selling the remainder on Solana.
  • Wormhole quickly suspended the bridge for investigation.
  • Jump Crypto (part of Jump Trading), the firm behind Wormhole, contacted the hacker and offered a $10 million reward for the return of the funds and disclosure of the attack method; no response was received at the time [7].

Technical Analysis and Lessons

  • The vulnerability stemmed from the use of a deprecated, insecure function that skipped a verification step, which undermined the cryptographic protection built on top of it.
  • It shows that in DeFi, timely maintenance is critical: known fixes must actually be deployed on-chain, not just merged into the repository.
  • The Wormhole bug illustrates how a single outdated element in the verification chain can cost hundreds of millions of dollars.
  • After the attack, auditing, monitoring, and decentralized (guardian-based) control of operations in Web3 infrastructure received renewed attention [10].

Next steps and status as of 2024-2025

  • In 2023-2024, Jump Crypto and its partners worked to recover the stolen assets and retrieved a significant portion of them [9].
  • The Wormhole platform strengthened its security measures, introduced new transaction verification standards, and updated its access control logic.
  • The incident is considered one of the most high-profile and significant in crypto asset security and serves as an important lesson for the whole community of DeFi developers and users [9].

The Wormhole attack of 2022 is thus a clear demonstration of the dangers of outdated smart contracts and of the difficulty of maintaining security in a rapidly evolving industry. It highlights the importance of keeping code up to date, auditing thoroughly, and developing new defences to minimise the risk of losing digital assets.

The Nomad cross-chain bridge was hacked, resulting in the theft of approximately $190 million in various crypto assets.

In 2022, one of the most notable events in the history of crypto security occurred: the hack of the Nomad cross-chain bridge, in which attackers stole about $190 million in various crypto assets. The incident is a classic example of how a small error in smart contract code can lead to catastrophic losses and trigger a mass, copycat attack.

What is Nomad Bridge?

Nomad is a decentralized bridge that allows users to move cryptocurrencies between different blockchain networks, such as Ethereum, Avalanche, Moonbeam, and others. Such bridges work by locking tokens on the source network and issuing equivalent “wrapped” tokens on the target network, ensuring interoperability across chains.

Reason for hack: error in Replica smart contract code

The attack was based on a small but critical error in an update to the Replica smart contract code, which is responsible for verifying and processing transactions in the bridge.

  • Message processing should be a two-step procedure: first prove the message against a confirmed Merkle root (message validity), then execute it and release the funds.
  • However, the upgrade marked the zero root (0x00) as a trusted, confirmed root. An unproven message has no root recorded for it, so its stored root reads as that same zero value, and every message was therefore treated as proven.
  • As a result, process() in Replica.sol effectively did not check message validity, allowing attackers to submit arbitrary withdrawal messages.

How did the hack happen?

  • The first attacker found the flaw and submitted a withdrawal message that had never been proven; the bridge accepted it and paid out funds that had never been locked on the source chain.
  • This signalled to many other users, bots, and opportunists, who copied the successful transaction en masse, simply replacing the recipient address with their own.
  • Within hours, a multitude of such transactions turned the hack into a chaotic mass attack, akin to a "Black Friday sale" in which anyone, without much expertise, could take substantial sums from the bridge.
  • In the end, about $190 million was withdrawn in tokens, including Wrapped Ether (WETH), USD Coin (USDC), Wrapped Bitcoin (WBTC), and others.
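The root acceptance flaw and the copy-paste replay described in the two lists above, modelled in Python as an added example (not Nomad's code). Replica is reduced to two mappings: confirm_at[root], set for every confirmed Merkle root, and messages[hash], the root a message was proven against; prove() stands in for the real Merkle proof check, and names, storage and amounts are constructed. The constructor's initial_root parameter is the upgrade step where the zero root was marked trusted:

```python
"""Zero root treated as confirmed: why every unproven message passed process()."""
import hashlib
import json

ZERO_ROOT = bytes(32)


def message_hash(msg):
    return hashlib.sha256(json.dumps(msg, sort_keys=True).encode()).digest()


class Replica:
    def __init__(self, initial_root):
        self.confirm_at = {initial_root: 1}   # upgrade step; the bug is initial_root == ZERO_ROOT
        self.messages = {}                    # proven message hash -> root it was proven against
        self.processed = set()
        self.payouts = []

    def prove(self, msg, root):
        """Stand-in for Merkle proof verification: records the message under a confirmed root."""
        if self.confirm_at.get(root, 0) == 0:
            raise ValueError("root not confirmed")
        self.messages[message_hash(msg)] = root

    def acceptable_root(self, root):
        return self.confirm_at.get(root, 0) != 0

    def process(self, msg):
        h = message_hash(msg)
        if h in self.processed:
            raise ValueError("replay")
        root = self.messages.get(h, ZERO_ROOT)          # unproven message -> zero root
        if not self.acceptable_root(root):
            raise ValueError("message not proven")
        self.processed.add(h)
        self.payouts.append((msg["recipient"], msg["amount"]))
        return True


class FixedReplica(Replica):
    """Hardening: the zero root is never acceptable, whatever confirm_at says."""

    def acceptable_root(self, root):
        return root != ZERO_ROOT and super().acceptable_root(root)


def copycat_attack(replica_cls, initial_root, recipients, amount=100):
    """Each copycat resubmits the same withdrawal with only the recipient changed."""
    replica = replica_cls(initial_root)
    paid = []
    for who in recipients:
        msg = {"recipient": who, "amount": amount, "nonce": 1}
        try:
            replica.process(msg)
            paid.append(who)
        except ValueError:
            pass
    return paid


def legitimate_flow(replica_cls):
    """A properly proven message must still go through on the fixed contract."""
    real_root = b"\x01" * 32                  # constructed confirmed root
    replica = replica_cls(real_root)
    msg = {"recipient": "alice", "amount": 5, "nonce": 7}
    replica.prove(msg, real_root)
    return replica.process(msg)


if __name__ == "__main__":
    copycats = ["first_attacker", "copycat_1", "copycat_2"]
    print("buggy init (zero root):", copycat_attack(Replica, ZERO_ROOT, copycats))
    print("correct init:          ", copycat_attack(Replica, b"\x01" * 32, copycats))
    print("hardened check:        ", copycat_attack(FixedReplica, ZERO_ROOT, copycats))
```

The same Replica code pays out every copycat when initialised with the zero root and pays out nothing when initialised with a real root, which is the point: the logic was unchanged, the upgrade's initialisation value was the bug. The replay check on the message hash does not help, because changing the recipient changes the hash.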

Features and consequences of the attack

  • A notable detail was the number of participants: at least 40 different addresses took part, which sets the incident apart from most hacks, where one or a few organised attackers are involved.
  • Following the incident, Nomad quickly suspended the bridge, launched an investigation, and brought in leading cybersecurity and blockchain forensics firms.
  • Later, a dedicated address was set up for the return of stolen funds, and the team attempted to track and partially recover the assets.
  • Israeli police arrested a suspect, Alexander Gurevich, who investigators say was involved in laundering funds stolen in the hack.

Safety Lessons and Conclusions

  • This incident highlighted the importance of rigorous and thorough verification of all stages of transaction processing in smart contracts, especially for critical protocols such as cross-chain bridges.
  • Initialising a trusted value to the same sentinel (here, zero) that also stands for "unproven" is a classic mistake; every upgrade must re-check such invariants before it goes live.
  • The hack showed that a simple mistake can cause not only a technical vulnerability, but also trigger an avalanche effect involving multiple unintentional “exploits”, which greatly exacerbates the damage.
  • The incident sparked widespread discussion in the crypto community about secure practices and the need for code auditing, as well as the need to develop more robust and secure mechanisms for inter-network interactions.

Conclusion

The 2022 Nomad Bridge hack is a confirmed case of an unnoticed bug in smart contract code leading to one of the largest bridge thefts of 2022. It is a lesson for all market participants that code security is key to the sustainability of decentralized financial services, and that mistakes in message verification and authentication can have disastrous consequences.

Technological errors, insufficient auditing and careless updates can provoke not only pinpoint hacks, but also large-scale mass attacks, which requires developers to constantly pay attention, improve and implement advanced security standards.


The Cetus Protocol hack of 2025: an overflow bug in the liquidity math costs $223 million in 15 minutes

In May 2025, the decentralized liquidity protocol Cetus Protocol, which runs on the Sui and Aptos blockchains, suffered one of the largest thefts in the history of the crypto industry: an attacker exploited an overflow vulnerability in the liquidity calculation and stole about $223 million in just 15 minutes.

What happened?

The Cetus protocol uses a concentrated liquidity market maker (CLMM) model, which lets liquidity providers allocate assets within chosen price ranges, improving capital efficiency and enabling advanced trading strategies. In May 2025, the Cetus smart contract was found to contain a vulnerability in its shared integer math library: the overflow check in math_u256::checked_shlw did not catch every input whose 64-bit left shift overflows.

Because the overflowed product was silently truncated, the token amount the contract demanded for an enormous liquidity position computed to almost nothing. The attacker could therefore open a position with a huge liquidity value while depositing only a single unit of token, and then withdraw real assets against it, stealing around $223 million, including SUI and USDC.
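The faulty shift check described above, modelled in Python with 256-bit arithmetic as an added example (not the Cetus or integer-mate source). The vulnerable bound is reconstructed from the published post-mortems of the fix: the old check compared the operand against a mask whose top 64 bits are all set, so any operand with the top 64 bits only partly set slipped through and lost those bits in the shift; the correct bound is 2**192. delta_a is a simplified version of the "token A owed for this much liquidity" formula, with Q64.64 square-root prices, and the constructed sample values are chosen so the truncated result rounds up to exactly one unit:

```python
"""checked_shlw: the wrong overflow bound and what it does to a liquidity deposit."""

MASK256 = (1 << 256) - 1


def checked_shlw_vulnerable(n):
    """Returns (n << 64, overflowed). Reconstructed bound: only flags n above 2**256 - 2**192."""
    mask = 0xFFFFFFFFFFFFFFFF << 192
    if n > mask:
        return 0, True
    return (n << 64) & MASK256, False          # bits 192..255 of n are silently dropped


def checked_shlw_fixed(n):
    """Correct bound: anything with bits at or above 192 cannot be shifted left by 64."""
    if n >= (1 << 192):
        return 0, True
    return n << 64, False


def delta_a(liquidity, sqrt_lower, sqrt_upper, shl):
    """Token A owed for `liquidity` over [sqrt_lower, sqrt_upper) (Q64.64), rounded up.

    Simplified model of the CLMM formula: (liquidity * (su - sl) << 64) / (su * sl).
    """
    numerator = liquidity * (sqrt_upper - sqrt_lower)
    shifted, overflow = shl(numerator)
    if overflow:
        raise OverflowError("liquidity too large for this range")
    denominator = sqrt_upper * sqrt_lower
    return (shifted + denominator - 1) // denominator


# Constructed sample: price range 1 -> 9 (sqrt 1 -> 3 in Q64.64). With this range the
# attacker's liquidity makes numerator = 2**192 + 2**65: just over the correct bound,
# far under the reconstructed one, and with a tiny low part once the top bits vanish.
SQRT_LOWER = 1 << 64
SQRT_UPPER = 3 << 64
ATTACKER_LIQUIDITY = (1 << 127) + 1          # still fits the u128 used for liquidity
HONEST_LIQUIDITY = 10**18


def required_deposit(liquidity, shl):
    return delta_a(liquidity, SQRT_LOWER, SQRT_UPPER, shl)


if __name__ == "__main__":
    print("honest, vulnerable:", required_deposit(HONEST_LIQUIDITY, checked_shlw_vulnerable))
    print("honest, fixed:     ", required_deposit(HONEST_LIQUIDITY, checked_shlw_fixed))
    print("attacker, vulnerable:", required_deposit(ATTACKER_LIQUIDITY, checked_shlw_vulnerable))
    try:
        required_deposit(ATTACKER_LIQUIDITY, checked_shlw_fixed)
    except OverflowError as exc:
        print("attacker, fixed:", exc)
```

For ordinary liquidity both versions agree; for the attacker's value the vulnerable check lets 2**192 + 2**65 through, the shift leaves only 2**129, and dividing by 3 * 2**128 rounds up to a deposit of one unit for a position of roughly 1.7e38 liquidity. The fixed check refuses the operation outright.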

Timeline of the attack

  • The attack began on the morning of May 22, 2025; trading volume on the platform jumped from $320 million to a record $2.9 billion in a single day.
  • The attacker moved approximately $60-63 million in USDC to Ethereum, converting part of it into Ether (ETH).
  • The Cetus team quickly paused its smart contracts, and Sui validators froze about $162 million of the stolen funds still on the Sui network to prevent further withdrawals.
  • With a large part of the stolen funds frozen while the rest was being moved to Ethereum and routed through mixing services such as Tornado Cash, active efforts to trace and recover the assets began.

Community and Protocol Reaction

  • The Cetus team offered the attacker a $6 million white-hat bounty in exchange for the return of the funds.
  • The Sui Foundation provided Cetus Protocol with a loan to compensate user losses and speed up reimbursement while the frozen on-chain funds awaited release.
  • The protocol resumed operations 17 days after the hack, with liquidity pools restored to 85-99% of their previous levels.
  • Cetus is pursuing legal action against the attacker, who refused to negotiate.

Meaning and Lessons

  • The incident showed how critical bugs in math libraries and smart contract logic can be, especially in DeFi, where improper overflow handling can amount to printing money and lead to colossal losses.
  • The Cetus hack is a prime example of why continuous real-time monitoring of total value locked (TVL) and automatic pause functions triggered by anomalies matter. According to experts, TVL monitoring combined with an automatic pause could have prevented up to 90% of the losses.
  • The incident highlighted the need to develop and implement comprehensive security measures, including code audits, stress tests, and proactive incident response.
  • This case has increased the focus on security issues in Layer 1 blockchain ecosystems and their decentralized applications.
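As an added example that is not part of the article or any protocol's code, here is a minimal TVL and volume anomaly monitor of the kind the list above recommends; the thresholds, window size, sample data and the pause hook are constructed assumptions, not Cetus parameters.

```python
from collections import deque
from statistics import mean

class TvlMonitor:
    """Auto-pause when TVL falls too fast or volume spikes against the recent window."""

    def __init__(self, window=6, max_drop=0.15, max_volume_ratio=5.0):
        # Thresholds are constructed assumptions, not protocol parameters.
        self.window, self.max_drop, self.max_volume_ratio = window, max_drop, max_volume_ratio
        self.tvl = deque(maxlen=window)      # recent TVL samples (USD)
        self.volume = deque(maxlen=window)   # recent per-interval volume (USD)
        self.paused_at = None                # timestamp of the automatic pause, if any

    def ingest(self, ts, tvl_usd, volume_usd):
        """Return the reason for an automatic pause, or None if the sample looks normal."""
        if self.paused_at is not None:
            return "already paused"
        reason = None
        if len(self.tvl) >= 2:  # need a baseline before judging anomalies
            drop = 1 - tvl_usd / max(self.tvl)
            avg_volume = mean(self.volume)
            if drop > self.max_drop:
                reason = f"{ts}: TVL down {drop:.0%} within {self.window} samples"
            elif volume_usd > self.max_volume_ratio * avg_volume:
                reason = f"{ts}: volume {volume_usd / avg_volume:.1f}x the recent average"
        self.tvl.append(tvl_usd)
        self.volume.append(volume_usd)
        if reason:
            self.paused_at = ts  # a real deployment would call the pool's pause entry point here
        return reason

# Constructed hourly samples: a quiet morning, then a volume spike, then the TVL collapse.
SAMPLES = [
    ("08:00", 320e6, 12e6), ("09:00", 321e6, 14e6), ("10:00", 319e6, 11e6),
    ("11:00", 322e6, 13e6), ("12:00", 318e6, 95e6), ("13:00", 150e6, 400e6),
]

def run_monitor(samples=SAMPLES):
    """Feed samples through a fresh monitor; return when it paused and the alerts raised."""
    mon = TvlMonitor()
    alerts = []
    for sample in samples:
        reason = mon.ingest(*sample)
        if reason and reason != "already paused":
            alerts.append(reason)
    return mon.paused_at, alerts

if __name__ == "__main__":
    print(run_monitor())  # ('12:00', ['12:00: volume 7.6x the recent average'])
```

In the constructed data the volume spike is caught one interval before TVL collapses, which is the window in which a pause still protects funds.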

Brief key facts:

  • The Cetus protocol was hacked on May 22, 2025, through an overflow vulnerability in a smart contract.
  • The damage amounted to approximately $223 million (including SUI, USDC and other tokens).
  • $162 million in stolen assets were quickly frozen on the blockchain.
  • The Sui Foundation has provided a loan to help compensate users for losses.
  • The protocol has restored most of its liquidity after the downtime and is planning further security measures.
  • The attack demonstrated the vulnerability of the crypto ecosystem and the need for effective monitoring and rapid response to anomalies.

Thus, the 2025 Cetus protocol hack is a clear example of how a technical vulnerability in a smart contract's math library can lead to a large-scale and rapid theft, with serious consequences for decentralized finance, and it confirms the importance of comprehensive security measures and proactive security management in the crypto industry.
