Crypto market losses due to hackers — how much was lost in May

In May 2025, the cryptocurrency sector was hit with a series of hacker attacks, resulting in significant financial losses. According to the PeckShield analytical platform, at least 20 major incidents resulted in losses totaling $244.1 million. While this figure is 39.29% lower than in April, the scale of the attacks remains alarming.

Decentralized platforms have become the main targets, and attackers exploit smart contract vulnerabilities, Incrypted writes.

The biggest attacks of May: Cetus Protocol and others

Cetus Protocol: $220 million under attack

Cetus Protocol, the leading decentralized exchange (DEX) on the Sui blockchain, was hit hardest. On May 22, hackers exploited a vulnerability in the smart contract's business logic, enabling them to withdraw $220 million worth of assets. The attackers manipulated price curves and reserve calculations using fake tokens, such as BULLA. This resulted in the draining of liquidity pools, a trading halt, and a sharp decline in the value of Sui-based tokens — some of which lost up to 90% of their value. The USDC stablecoin lost its peg to the dollar, trading at $0.9996.

Fortunately, thanks to the swift response of Cetus and the Sui network, 71% of the stolen assets ($157 million) were frozen. The Cetus team announced plans to fully compensate affected users, which sent a positive signal to the community. However, the incident underscored the critical vulnerability of smart contracts, which remain a primary target for hackers.

Cork Protocol: Quick attack for $12 million

Another notable case was the hack of the Cork Protocol, in which an attacker deployed a malicious smart contract and withdrew 3,761.87 WSTETH (equivalent to $12 million) in 16 minutes. The assets were instantly converted into Ethereum, which made them difficult to trace. This incident shows how quickly hackers can exploit vulnerabilities using automated tools.

DPRK-related attack: $5.2 million

Other incidents include an attack attributed by analysts to hacker groups from North Korea. The losses amounted to $5.2 million. North Korean hackers are known for their activity in the cryptocurrency sector, including the $1.5 billion hack of the Bybit exchange in 2024. These attacks suggest an increasing threat from state actors who use cybercrime to fund their programs.

Mobius Token incident: $2.2 million

The hackers attacked the Mobius Token (MBT) crypto wallet, stealing $2.2 million in just two minutes after deploying a malicious contract. The speed of the attack suggests that automated tools were used to scan the blockchain for vulnerabilities in real time.

MaplestoryU and others: Small but painful losses

The attack on MaplestoryU resulted in a loss of $1.2 million. A number of other incidents added to the total amount lost. Though these sums are smaller, they highlight the systemic security issues in the crypto sector, where even small projects are targeted.

Hackers' techniques range from spam transactions to fake tokens

One of the most common methods in May was address poisoning, which caused a loss of 2.6 million USDT. Attackers sent zero-value transactions to mislead users into transferring funds to fake addresses. Cyvers detected this incident in real time, which reduced the losses somewhat.

Another common method is manipulating smart contracts, as in the case of the Cetus Protocol. In this case, hackers used fake tokens to distort liquidity calculations, allowing them to withdraw real assets at lower rates. Such attacks require an in-depth understanding of blockchain code, indicating that the attackers are highly skilled.

Implications for the crypto market

The $244.1 million in losses in May is only part of the bigger picture. According to the Global Ledger, the crypto sector lost $1.93 billion in the first quarter of 2025 due to 43 attacks, 76% of which are linked to groups allegedly affiliated with the DPRK. Smart contracts remain the most vulnerable link, accounting for 62.79% of the incidents.

The decline in token values, such as CETUS (-40%), BULLA (-90%), and MOJO (-90%), as well as the loss of the USDC peg to the dollar, caused panic among investors. This highlights the financial and reputational risks that projects face when they fall victim to attacks. Conversely, the successful freezing of $157 million in the Cetus case demonstrates progress in addressing cyber threats.

As a reminder, Ukraine is reportedly introducing a digital currency, the e-hryvnia, to complement existing payment methods, such as cash and non-cash transactions. This innovation will ensure the direct storage of funds at the National Bank, contributing to the stability and reliability of the new currency in the financial market. It is a step toward modernizing the country's payment system.

Ukraine is also expected to legalize cryptocurrency in the first half of 2025. Notably, this legislation will not offer tax benefits to crypto asset holders. This means that cryptocurrency transactions will be subject to the general taxation system.