Crypto Hacks Surge in 2025
A recent analysis from Swiss blockchain analytics firm Global Ledger indicates that over $3.01 billion was stolen in 119 separate cryptocurrency hacks during the first half of 2025, a figure that exceeds the total losses reported for the entire year of 2024. This troubling statistic is compounded by a concerning trend: the speed at which these cybercriminals are operating. The study examined on-chain data related to these breaches and tracked how quickly the stolen assets were funneled through mixers, bridges, and centralized exchanges. Researchers discovered that the laundering process is now completed in mere minutes, often occurring before victims are even made aware of the breach.
Rapid Laundering Trends
The findings reveal that in approximately 23% of cases, the laundering of stolen funds was entirely finished before news of the breach became public. In many instances, the illicit funds were already in transit by the time victims realized they had been compromised. Consequently, by the time a breach is officially reported, it may already be too late to recover the stolen assets.
Speed of Laundering
As hackers become increasingly adept at laundering their gains, Anti-Money Laundering (AML) systems and Virtual Asset Service Providers (VASPs) are finding it increasingly challenging to keep pace. In some instances, laundering occurs almost instantaneously; the fastest recorded case saw funds transferred just four seconds after the hack, with complete laundering finalized within three minutes. Overall, 31.1% of laundering activities were completed within a 24-hour window, while public disclosure of the hacks took an average of 37 hours. Attackers typically initiate fund transfer approximately 15 hours after a breach, giving them a significant 20-hour advantage before the incident is detected.
Recovery Rates Decline
In nearly 70% of cases (68.1%), the stolen funds were already in motion prior to any public announcements or alerts via press releases or social media. Alarmingly, in about 22.7% of cases, the laundering process was entirely finished before any internal or public notification took place. This rapid movement of funds has resulted in a dismal recovery rate, with only 4.2% of stolen assets retrieved in the first half of 2025.
New Compliance Challenges for Centralized Exchanges
The report further noted that 15.1% of laundered cryptocurrency in early 2025 passed through centralized exchanges (CEXs), with compliance teams often having a mere 10 to 15 minutes to intercept suspicious transactions before the assets are lost. CEXs remain the primary target for cybercriminals, accounting for 54.26% of total losses in 2025, significantly more than breaches involving token contracts (17.2%) and personal wallets (11.67%).
The Need for Real-Time Monitoring
As hackers evolve, traditional ticket-based compliance methods employed by exchanges are proving inadequate. The report advocates for centralized exchanges to implement real-time, automated monitoring and response systems capable of detecting and halting illicit activities before the funds are completely laundered. Given that laundering can be accomplished in a matter of minutes, it is imperative that exchanges develop equally swift detection and response mechanisms.
Legislative Pressures on Crypto Platforms
Recent legislation, such as the Genius Act signed into law by former U.S. President Donald Trump on July 18, has intensified the scrutiny on exchanges and VASPs, imposing stricter AML requirements and expectations for faster responses to suspicious activities.
Implications of the Roman Storm Trial
The ongoing trial of Roman Storm, a developer associated with Tornado Cash, brings to light a significant shift in regulatory expectations regarding accountability in the cryptocurrency space. Central to the case is whether developers and platforms should be held liable for not preventing illicit activities that they could have foreseen. U.S. prosecutors have argued that Storm had the capability to implement preventive measures but chose not to do so. Facing multiple charges, including conspiracy to commit money laundering, Storm’s platform is alleged to have facilitated over $1 billion in illegal transactions, including those linked to North Korea’s Lazarus Group. If found guilty, he could face a maximum sentence of 45 years in prison. The outcome of this case could set a pivotal precedent for open-source development and privacy tools, with many concerned that prosecuting developers for their code could stifle innovation and jeopardize software freedom.
