May 2025 saw over $244 million stolen due to crypto hacks, marking a significant 39.29% drop from April's figures. Despite this decline, the situation remains alarming.
Cetus DEX Exploit
The most devastating incident occurred on May 22, when Cetus DEX was hacked, resulting in $223 million in stolen funds — accounting for nearly 90% of May's total losses.
Security researchers from Dedaub traced the exploit to a flaw in the Most Significant Bits (MSB) check, which allowed attackers to manipulate liquidity parameters and drain pools with minimal input. Essentially, the attackers opened massive positions and drained liquidity across the platform.
Fortunately, quick action from Cetus and the Sui Network led to a recovery of $157 million, freezing the assets before they could be fully laundered — resulting in a 71% recovery rate.
Other Notable Incidents
Beyond Cetus, several other significant attacks hit the crypto space:
* Cork Protocol: exploited for $12 million in Wrapped Staked Ether (wstETH), later swapped into ETH. * A DPRK-linked hack: a suspected attack by North Korea’s Lazarus Group resulted in a loss of $5.2 million. * MBU Token exploit: $2.2 million stolen due to vulnerabilities in token contract logic. * MapleStory Universe hack: $1.2 million lost, rounding out the month’s top five exploits.
Prospects and Threats
Despite the major exploits, May marked a clear drop in total hack volume compared to April and even more so against February 2025, when a single attack on Bybit contributed to $1.53 billion in stolen funds.
For context, Q1 2025 saw over $1.63 billion in total crypto losses, with January alone accounting for $87 million. In comparison, May’s figures suggest that platform security may be slowly improving, with faster incident responses and better ecosystem collaboration.
However, the threat of crypto hacks is far from over. Attackers continue to evolve, exploiting minor oversights in smart contracts and platform architecture. The Cetus hack serves as a stark reminder that even a single vulnerability can lead to massive damage.
May 2025 may have shown a dip in total losses, but the crypto space remains a high-value target for cybercriminals. If the industry continues improving its security posture — through better tooling, audit processes, and collaboration — recoveries like those of Cetus could become more common.
