The cryptocurrency sector suffered a catastrophic security regression in November, with total losses from exploits and hacks surging nearly 1,000% month-over-month.
According to a forensic report by blockchain security firm CertiK, the industry lost a total of $127 million, with smart contract vulnerabilities, rather than phishing, reclaiming the title of the primary attack vector.
During the four weeks of November 2025, CertiK Alert recorded more than 10 major attacks. The largest crypto attack in November involved Balancer and Upbit, which lost $113 million and $29 million respectively.
Bex and Yearn Finance registered a net loss due to system exploits of about $12.4 million and $9.1 million. earlier on Monday that Yearn Finance had been siphoned of more than $9 million, whereby the attacker exploited its smart contract function to mint near infinite amounts of yETH tokens.
Delated:
The DeFi attackers exploiting code vulnerabilities were a major contributor to the list of funds in November. Poor design in bridges and other security features proved to be expensive for the DeFi space. Moreover, crypto wallet compromises recorded a loss of over $33 million in November.
The North Korean hackers, who are sponsored by the government, were accused of stealing a significant amount of the stolen funds in November. The sophisticated attack methods and the use of crypto mixers, such as Tornado Cash, remained a major flow of stolen funds last month.
The 10x month-over-month increase in November’s crypto exploit has contributed to the recent bloodbaths. Moreover, funds lost have lowered institutional and investors’ confidence in DeFi protocols’ ability to secure trillions of dollars.
At press time, the DeFi ecosystem had a total value locked (TVL) of about $114 billion and a stablecoins market cap of around $306 billion. The Ethereum (ETH) core developers, led by Vitalik Buterin, have been advocating for enhanced privacy, decentralization, and security within the crypto and blockchain space to enhance mainstream adoption of digital assets.
According to Buterin, crypto users must not trust web3 developers seeking to centralize their systems in the name of enhanced services. Essentially, Buterin believes that developers must reduce centralization in a bid to eliminate risk points.
Just Now
Dear LBank User
Our online customer service system is currently experiencing connection issues. We are working actively to resolve the problem, but at this time we cannot provide an exact recovery timeline. We sincerely apologize for any inconvenience this may cause.
If you need assistance, please contact us via email and we will reply as soon as possible.
Thank you for your understanding and patience.
LBank Customer Support Team