The crypto industry suffered a sharp increase in hacking-related losses in July, with bad actors stealing at least $142 million across 17 separate incidents, according to blockchain security firm PeckShield. This represents a 27% jump from June’s $111 million in losses, though it still reflects a 46% decline year-on-year from July 2024, which witnessed $266 million in stolen assets.

The single largest exploit this month involved Indian crypto exchange CoinDCX, which lost $44 million in a sophisticated server breach. The July figures mark a worrying shift, as hackers increasingly move beyond traditional smart contract vulnerabilities to exploit weaknesses in offchain infrastructure.

CoinDCX Hack Leads the List

CoinDCX’s $44 million breach on July 18 was the biggest in July and is now one of India’s largest crypto hacks of 2025. The company’s CEO, Sumit Gupta, described it as a “sophisticated server breach,” prompting an internal investigation that led to the arrest of an employee on July 31.

Though specific technical details remain undisclosed, the breach highlights growing concerns around internal security lapses and human factors in the crypto industry. CoinDCX has since pledged to enhance its security protocols and restore customer confidence.

Phishing Attack Hits WOO X

Another notable incident was the $14 million hack of the crypto trading platform WOO X on July 24. According to Rob Behnke, chairman of blockchain security firm Halborn, the attack was executed through social engineering.

“A team member’s device was compromised, allowing attackers to pivot into the development environment and execute malicious transactions,” Behnke revealed in a report. The attackers drained accounts across multiple blockchains Bitcoin, Ethereum, BNB, and Arbitrum, over a two-hour period before being detected. Affected user balances were later reimbursed from WOO X’s treasury.

The attack illustrates a growing trend of targeting human vulnerabilities and backend systems rather than onchain code.

Third-Party Vulnerability Impacts BigONE

On July 16, another crypto exchange, BigONE, fell victim to a third-party security lapse that compromised its hot wallet infrastructure. The breach resulted in the loss of at least $27 million. Though smaller in scale than the CoinDCX incident, it raises further concerns about the security of custodial wallets and third-party integrations.

Together, these three incidents CoinDCX, BigONE, and WOO X, account for over $85 million of July’s total crypto losses, or nearly 60% of the total amount stolen.

Hackers Shift Focus to Offchain Systems

Commenting on the broader security landscape, Halborn’s Behnke noted a significant shift in hacker strategies. “Instead of looking for exploitable smart contract vulnerabilities, which can often be patched or audited, attackers are now exploiting backend infrastructure, human errors, and social engineering tactics,” he said.

This trend places increasing pressure on crypto firms to implement robust operational security (OpSec) measures, beyond the scope of smart contract audits. It also underscores the need for better staff training, endpoint security, and internal access controls to defend against insider threats and phishing campaigns.

A Wake-Up Call for the Industry

While July’s total losses remain lower than last year’s July figure, the upward monthly trend and nature of the attacks signal an alarming evolution in crypto-related cybercrime. The focus on backend breaches and employee targeting suggests that traditional defenses may no longer be enough.

With insiders involved and social engineering becoming a common entry point, crypto firms must reassess their entire security posture from infrastructure to human resource policies. As the sector continues to grow, so too does the sophistication of threats it must counter.