• Crypto hacks took $147 million in July 2025.
• Security breaches go after contracts, supply chains, and user access points.

In July 2025, the crypto market received a devastating blow with an estimated loss of up to 147 million dollars of losses. This astounding number of hacks and scams on both centralized and decentralized exchanges begs the question, How strong is the security of the industry?

Inside the $147 Million Crypto Catastrophe

The SlowMist Blockchain Hacked Incident Database has recorded 13 significant hacks in July that lost around $140 million. In the meantime, Dune anti-scam platform Scam Sniffer received more than 9,000 cases of phishing victims, who lost approximately 7 million dollars on average.

Among the most prominent events, there was the case of India, where on July 19, CoinDCX lost an equivalent of about $44.2 million in an internal operations wallet. CoinDCX co-founder Sumit Gupta guaranteed the safety of customers’ funds in cold wallets and promised that the company’s reserves would cover all losses.

The decentralized exchange GMX lost almost $42 million in a complex reentrancy attack that occurred on July 9. The malicious user targeted the leverage and price update systems that had weaknesses in them to exploit them to get profits by manipulating token prices.

GMX offered a bounty of five million dollars to the white hat who helped secure the vulnerability and protect the funds at risk. The company took this step in response to the swift disclosure and patching of the issue.

Phishing Schemes and Supply Chain Attacks Flood the Sector

Centralized exchanges were not spared. BigONE had a supply chain attack in which the server logic was violated and allowed unauthorized transfers, which yielded the attackers about $27 million. Nevertheless, despite this violation, BigONE denied any leakage of the private keys and will compensate for all losses on its own.

On July 24, WOO X paused all withdrawals after a phishing attack on a team member led to unauthorized withdrawals totaling $14 million. The attacker got into the development environment and managed to overcome security measures to get money out of user accounts.

Another exploit occurred on the Ethereum layer 1 cross-chain bridge ZKSwap, with a bug that caused an emergency withdrawal mechanism to fail to correctly validate zero-knowledge proofs, and $5 million was stolen.

What Went Wrong? Security Gaps Abound

Smart contract vulnerabilities dominated attack strategies. The centralized exchanges had the lion’s share of the total losses at 61 percent, reflecting their compromised nature of security. Analysts recommend highly intensive audits, transparency in systems, and strong security enhancements as essential to such systems, particularly when using complicated products such as leverage and oracles.

There are also dangers beyond on-chain exploits that security teams caution. There has been a dramatic increase in the prevalence of phishing attempts that use phony Zoom meetings and hardware. Attackers can deprive victims of a substantial amount of valuable property by using illegal sources or fake links.

Crypto Security: The Industry under Attack

In July alone, the Web3 ecosystem was so fragile that hackers, with the help of insiders, supply chain manipulation, phishing campaigns, and insecure smart contracts, combined to make July a very unhealthy month. The fact that the amount of money lost is 147 million dollars underlines the ongoing threat-filled ecosystem of crypto users and outlets.

Even though some companies like GMX and CoinDCX are quick to recover the losses and rectify the vulnerabilities, the whole crypto community should take these hacks as a red flag. Enhanced security, phishing awareness of the users, and system transparency are not choices, but the components of survival.