Finance
Share this article

$302 Million Lost to Crypto Scams, Hacks, and Exploits in May: CertiK

The largest attack was the $225 million exploit of the Cetus Protocol.

By Oliver Knight|Edited by Stephen Alpher
Updated Jun 2, 2025, 3:42 p.m. Published Jun 2, 2025, 2:08 p.m.
(Wesley Tingey/Unsplash+)
(Wesley Tingey/Unsplash+)

What to know:

  • Cryptocurrency investors suffered losses exceeding $300 million due to scams, hacks, and exploits, with code vulnerabilities being the primary cause.
  • Code-related vulnerabilities accounted for $229 million of the losses—a staggering 4,483% increase from April.
  • The largest exploit was the $225 million Cetus Protocol hack, which led to Sui controversially halting its blockchain.

Cryptocurrency investors lost more than $300 million to scams, hacks and exploits in May, according to blockchain security firm CertiK.

The majority of those losses were related to code vulnerability exploits, which accounted for $229 million -- a 4,483% rise on April.

STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
By signing up, you will receive emails about CoinDesk products and you agree to our terms of use and privacy policy.

Phishing, which involves an attacker stealing a user's trading account or wallet credentials, accounted for $47 million of losses while private key compromise and price manipulation were behind $11.6 million and $1 million of losses respectively.

“Our research revealed an interesting anomaly in May: a significant increase in losses from code vulnerabilities, which represented a majority of exploited funds”, said CertiK senior blockchain security researcher Natalie Newson.

"It is important to point out that over the fast few years, losses from code vulnerabilities have decreased significantly. In 2024 $173 million was lost to code vulnerabilities, compared with $1.3 billion in 2021."

The largest incident of all in was the Cetus Protocol exploit that prompted Sui to controversially pause the blockchain as attackers made off with $225 million.

HacksScamsExploits

More For You

Protocol Research: GoPlus Security

By CoinDesk Research
Nov 14, 2025
Commissioned byGoPlus
GP Basic Image

What to know:

  • As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
  • GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
  • Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
View Full Report

More For You

Turkey's Paribu Buys CoinMENA in $240M Deal, Expanding Into High-Growth Crypto Markets

By Krisztian Sandor, AI Boost|Edited by Jamie Crawley
19 hours ago
Yasin Oral, Founder and CEO of Paribu (center) and Dina Sam’an (left) and Talal Tabbaa (right), Co-Founders of CoinMENA (Paribu, modified by CoinDesk)

With the acquisition, Paribu gains regulatory foothold in Bahrain and Dubai and access to the region's fast-growing crypto user base.

What to know:

  • Paribu acquires Bahrain- and Dubai-based CoinMENA for up to $240 million.
  • Deal marks Turkey’s biggest fintech acquisition and first international crypto M&A, the firm said.
  • The move taps into the MENA region’s fast-growing crypto user base and supportive regulatory hubs.
Read full story