DeFi Attacks Double in April, $92M Stolen

Date: 2025-05-01 Author: Gabriel Deangelo Categories: BUSINESS
According to a report from Immunefi on April 30, there were 15 cryptocurrency theft incidents during the month, resulting in total losses of $92 million. This is almost double the amount lost in March, when losses were $41 million.

The main target was UPCX, an open-source platform focused on payment solutions. A vulnerability in the admin contract caused it to lose over $70 million, which accounts for the bulk of the total losses. The second largest incident was the KiloEx hack, which resulted in the theft of $7.5 million, but the thief soon returned the funds.

Every April incident affected a DeFi project; according to the report, centralized platforms recorded no attacks during this period.

Immunefi, which specializes in protecting blockchain projects and user assets worth about $190 billion, actively cooperates with white hat hackers, having paid them a total of more than $116 million for help in finding vulnerabilities.

The report highlights growing concerns about threats posed by state-backed groups. For example, the massive attack on Bybit in February 2025, which resulted in the theft of more than $1.4 billion, may indicate the involvement of such groups. Immunefi founder Mitchell Amador said that such attacks demonstrate a high threat from cybercriminal groups operating under the auspices of states.

Amador emphasized the need to rethink approaches to cybersecurity, including the implementation of the “zero trust” principle, formal checks and regular audits. In his opinion, DeFi protocols should be designed with intrusion in mind from the start, and investors should be prepared for even seemingly secure interfaces to be compromised.

Immunefi also reports that over $1.7 billion in crypto assets was stolen in the first four months of 2025, a figure that already exceeds the total losses for all of 2024, which were $1.49 billion.

According to Eric Jardine of Chainalysis, the temporary lull in activity by North Korea's Lazarus Group in the second half of last year was likely a strategic pause before the large-scale attack on Bybit.