In the first half of 2025, over $3.01 billion was stolen in just 119 crypto-related hacks, already surpassing the total losses of 2024. But more alarming than the volume is the speed. A new report by Swiss blockchain analytics firm Global Ledger shows that cybercriminals are now laundering stolen crypto at lightning pace, often before anyone realises a breach has occurred.
Laundering in Minutes: Hackers Stay Ahead
The report details how attackers are using mixers, cross-chain bridges, and centralised exchanges (CEXs) to launder funds within minutes of a hack. In the fastest documented case, funds were transferred just four seconds after the exploit and fully laundered in under three minutes.
Overall, 31.1% of laundering operations were completed within 24 hours, while it typically took an average of 37 hours for a hack to become publicly known. On average, hackers began moving funds 15 hours after the breach, giving them a 20-hour head start before victims or platforms noticed.
Most notably, in nearly 23% of all cases studied, the laundering was fully completed before any public or internal disclosure of the breach. In nearly 7 out of 10 incidents (68.1%), funds were already on the move before the hack was reported through social media, press statements, or internal alerts.
As a result of this growing speed advantage, only 4.2% of stolen funds were recovered in the first half of 2025.
Centralised Exchanges Under Pressure
While decentralised finance (DeFi) protocols have long been seen as risky, the report shows that CEXs remain the primary entry point for attackers. Centralised platforms were responsible for 54.26% of total crypto losses in 2025, far more than token contract exploits (17.2%) or personal wallet hacks (11.67%).
Additionally, 15.1% of all laundered crypto passed through CEXs in the first half of 2025. This highlights a key vulnerability: many exchanges rely on ticket-based compliance processes that take too long to respond to high-speed laundering.
In most cases, CEX compliance teams have just 10–15 minutes to detect and block a suspicious transaction before the funds are lost forever. By the time most alerts are triggered, the damage has already been done.
The report urges exchanges to shift to real-time, automated systems for anti-money laundering (AML) detection and response. Without automation and instant alerts, stopping cybercriminals is nearly impossible in today’s fast-paced environment.
The Role of Regulation: Genius Act Raises the Bar
New regulations are raising expectations for virtual asset service providers (VASPs). On 18 July 2025, US President Donald Trump signed the Genius Act into law, enforcing stricter AML standards for crypto platforms.
Under the Genius Act, exchanges must respond more quickly to suspicious activity, report incidents within shorter timeframes, and implement preventive measures. This includes investing in real-time tracking and automated systems that can spot suspicious flows within seconds, not hours.
This legislation marks a shift in regulatory thinking, from simply responding to financial crime to stopping it before it happens.
Developers Under the Microscope: The Roman Storm Trial
The trial of Tornado Cash developer Roman Storm is shaping up to be a landmark case. Storm is charged with conspiracy to commit money laundering, accused of allowing his decentralised privacy tool to facilitate over $1 billion in illicit transactions.
US prosecutors argue that Storm could have added safeguards but chose not to, pointing to potential links with North Korea’s Lazarus Group. If found guilty, he could face up to 45 years in prison.
The case raises a critical question: Should developers of open-source crypto tools be held responsible if criminals misuse their code? Many in the industry fear that prosecuting a developer for writing software, particularly for a decentralised protocol could set a dangerous precedent that undermines innovation and privacy.
Match Speed with Speed
The Global Ledger report makes one thing clear: speed is the new battleground in crypto crime. Hackers have evolved, and centralised exchanges must do the same. Traditional compliance processes simply can’t keep up with laundering that happens in minutes.
With regulators tightening their grip and legal expectations rising, crypto platforms are under increasing pressure to act fast or risk losing not just funds, but trust.
