Crypto and Web3 security incidents led to over $801.3 million in losses across 144 incidents in Q2 2025. CertiK reported that this reflects a 52.1% decrease in value lost from the previous quarter.
The quarter also saw 59 fewer incidents during this period.
Phishing was the most damaging attack vector, as it saw $395 million being stolen across 52 incidents. Code vulnerabilities followed suit and recorded $235.8 million in losses across 47 incidents.
In its latest report, CertiK said that Ethereum saw the highest number of incidents. The network recorded 70 hacks, scams, and exploits, resulting in $65.4 million in losses for the quarter.
Additionally, funds worth $181 million were recovered, which brought the adjusted losses for the second quarter to $620.4 million. The average loss per incident was $4.3 million, while the median was around $104,000.
Zooming out, the blockchain security firm also reported total losses of $2.47 billion across 344 incidents for the first half of 2025. Wallet compromises were the costliest during this period, as these breaches accounted for $1.71 billion in losses across 34 incidents. Next up was phishing, with $410.7 million stolen across 132 incidents, which made it the most frequent attack type so far this year.
So far this year, Ethereum recorded 175 incidents in H1, resulting in $1.63 billion in losses. A total of $187.3 million was recovered in the first half of the year, pushing the adjusted total losses to $2.29 billion. Meanwhile, the average loss per incident for H1 was $7.13 million, with a median loss of $89,026.
CertiK noted that while headline figures suggest worsening crypto security, two incidents alone accounted for around $1.78 billion of 2025’s losses – the Bybit hack and the Cetus Protocol breach.
Hackers exploited Bybit’s cold wallet infrastructure in February 2025 by altering transaction logic and masking interfaces, which enabled them to steal over $1.5 billion in Ether. North Korea’s notorious state-sponsored hacking entity, the Lazarus Group, was responsible for it.
Besides, Sui-based Cetus, on the other hand, suffered an exploit in an overflow check within the project’s liquidity calculation function, which resulted in $225 million in losses in May.
Without these two incidents, total losses would be $690 million, which essentially indicates that the broader security trend may not be as severe as the raw figures imply.
LIMITED OFFER for CryptoPotato readers at Bybit: Use this link to register and open a $500 FREE position on any coin!
In the ongoing discussion of trade and tariffs, Politico and others reported that the US…
A prominent crypto trader argues bitcoin is positioned to surge to $250,000 before the end…
The price of Uniswap has crashed into a bear market after falling by over 20%…
The 4th of July is over, but the REI deals continue. The REI 4th of…
Key Takeaways Tuttle Capital Management is set to launch 10 new leveraged crypto ETFs by…
Raising in 2025 doesn’t look anything like it did in 2021 — and that’s exactly…