Private Key Compromise attacks in 2025

Likely private-key theft gave attackers control of GANA Payment's BSC contract; they manipulated reward rates and drained $3.1M via the unstake function.

SBI Crypto, SBI Holdings' mining arm, lost $24M across BTC, ETH, LTC, DOGE and BCH. Undetected for 7 days until ZachXBT flagged a pattern matching DPRK Lazarus.

UXLINK, a Web3 social protocol, lost roughly $41M after attackers compromised the project's multi-sig keys and exploited an unrestricted delegatecall path.

SwissBorg's SOL Earn lost $41.5M (193,000 SOL) via a compromised API at staking vendor Kiln. SwissBorg itself wasn't breached; the third-party infra was.

A hot-wallet compromise across 7 chains drained $48M from Turkish exchange BtcTurk, its second major hack in 14 months. Cold storage was untouched.

Attackers drained $44M from CoinDCX's internal liquidity account for partner-exchange reserves; the exchange absorbed the loss from treasury.

$90M+ drained from Iran's largest exchange by Predatory Sparrow, then burned to addresses tagged with anti-IRGC messages — a destruction-not-profit hack.

UPCX lost roughly $70M from its treasury after a compromised admin account on the open-source payments platform pushed a malicious smart-contract upgrade.

$8.4M drained from Zoth, an RWA restaking protocol, after its deployer/upgrade key was compromised and used to push a malicious proxy implementation.

$49.5M drained from Infini's Morpho MEVCapital USDC vault by the address that built the contract and quietly retained admin authority after launch.

~$73M drained from Phemex hot wallets across 16 blockchains in a coordinated sweep — the first major exchange hack of 2025, with TTPs consistent with Lazarus.

Moby Trade, an Arbitrum options protocol, lost ~$1M after a privileged key was compromised and used to rig option settlement. SEAL white-hats limited damage.