Slow regulations, fear of missing out (FOMO) and growing adoption are powering a crypto crime “supercycle,” according to cybersecurity practitioners.
Crypto crime losses hit a new record in the first half of 2025, beating the previous record set in 2022 and nearly equal to the total losses from all of 2024.
Speaking to Cointelegraph, Bill Callahan, a retired DEA agent and cryptocurrency investigator, said a lack of regulation combined with hype and FOMO has been playing into criminals’ hands, though he said he wouldn’t necessarily call it a crime supercycle.
“The rapid proliferation of new crypto assets, particularly memecoins, combined with a surge in retail investors and limited regulatory oversight, creates opportunities for criminal activity, including theft, bogus investment schemes, scams and frauds.”
Risk vs reward ratio favors crypto criminals
Callahan said crypto scams likely appeal to bad actors given the offer of anonymity and ease of setting up scams.
“We must remember, the bad guys have time, money and resources on their side to perfect criminal activity, and they don’t need to get it right all the time to still make a handsome profit.”
Blockchain security firm CertiK said in its H1 Hack3d report released on July 1 that the average loss per security incident in 2025 has been $4.3 million, with the median loss being $103,996.
Natalie Newson, a senior blockchain investigator working for CertiK, told Cointelegraph that a “convergence of conditions” has emboldened bad actors.
“Influencers and key opinion leaders continue to launch tokens with questionable intent, profiting through tactics like sniping and leaving retail investors exposed,” Newson said.
Market surveillance firm Solidus Labs said in its May rug pull report that 98.7% of tokens on the token launchpad Pump.fun exhibit characteristics of pump-and-dump schemes.
At the same time, Newson said law enforcement agencies around the world face growing challenges — limited resources, cross-jurisdictional complexities, and the technical sophistication of cybercriminals.
A July 2024 report from blockchain analysis firm Chainalysis highlighted money laundering techniques as a particular challenge for law enforcement agencies and crypto service providers.
“The result is a widening gap between illicit activity and accountability, creating an increasingly hostile environment for legitimate users and builders.”
She speculates that increased smart contract security and user education could turn the tide, but admitted there is no way to stop criminals.
Regulators are not harsh enough
Meanwhile, Hank Huang, CEO of Kronos Research, argued regulators have “swung from overreach to underreaction.”
He said while early enforcement “was often harsh,” it’s now swinging too far the other way, and we are “seeing too little accountability.”
“That imbalance creates fertile ground for what feels like a crypto crime supercycle. The fix isn’t more crackdowns; it’s smart, targeted regulation and finding balance to continue driving mass adoption.”
Zero losses is an impossible task
At the same time, law enforcement worldwide has been stepping up efforts to drive bad actors out of the crypto space, with recent enforcement actions targeting darknet marketplaces worldwide.
Related: Crypto crime goes industrial as gangs launch coins, launder billions — UN
However, Huang said despite the uptick in crackdowns, losses from crypto crime will never hit zero because decentralized markets with anonymous participants will “always attract both good and bad actors.”
Instead of trying to eliminate crypto losses, he said the focus should be on minimizing risks for users.
“Other industries are getting hit too, but crypto’s speed and global access make it especially vulnerable. These attacks are less about targeting crypto and more about testing the limits of emerging systems,” Huang said.
Magazine: Coinbase hack shows the law probably won’t protect you: Here’s why
