2025 was a reminder that Web3 security risks are evolving faster than many protocols expect. While the number of hacks actually went down, the financial damage 2025 was a reminder that Web3 security risks are evolving faster than many protocols expect. While the number of hacks actually went down, the financial damage

The Web3 Hack Report 2025 (Exploited Ledgers)

저자: Medium

출처: Medium

2026/01/07 18:00

2분 읽기

이 콘텐츠에 대한 의견이나 우려 사항이 있으시면 crypto.news@mexc.com으로 연락주시기 바랍니다

2025 was a reminder that Web3 security risks are evolving faster than many protocols expect.

While the number of hacks actually went down, the financial damage reached new highs. According to our latest analysis, attackers focused on fewer but much more severe exploits — causing massive losses in single events.

Here’s a clear breakdown of what really happened in Web3 security during 2025.

Web3 Lost $2.54 Billion Across 89 Confirmed Incidents

In total, 89 confirmed security incidents were recorded in 2025, leading to $2.54 billion in losses. This is a sharp increase in financial impact compared to previous years, even though the total number of attacks was lower.

What this shows is a shift in attacker strategy. Instead of many small hacks, we’re seeing fewer but far more destructive incidents.

Phishing &Private Key Compromises Caused the Most Damage

Phishing emerged as the most financially devastating attack vector of the year. Just three phishing-related incidents alone accounted for over $1.4 billion in losses.

These attacks didn’t rely on complex smart contract bugs — instead, they exploited human trust, leaked credentials, and compromised private keys.

Ethereum Was the Most Affected Network

Ethereum remained the most targeted blockchain in 2025.

30 incidents
$1.9 billion in total losses

No other network came close to Ethereum in terms of both frequency and financial damage. Its large ecosystem, deep liquidity, and complex infrastructure continue to make it a high-value target for attackers.

Major Incidents That Defined the Year

Some single events had an outsized impact on total losses:

Bybit multisig breach ~$1.4B
Cetus CLMM exploit ~$223M
Balancer V2 exploit ~$128M
Multiple compromises involving centralized infrastructure and access control failures

These incidents reinforced a key lesson. Security failures are no longer limited to smart contracts alone.

Security can no longer be treated as a one-time audit — it needs to cover code, access controls, key management and operational processes together.

The Web3 Hack Report 2025 (Exploited Ledgers) was originally published in Coinmonks on Medium, where people are continuing the conversation by highlighting and responding to this story.

Get 20 USDT in Just 1 Minute

Deposit $100 to unlock $300 in GOLD positions

면책 조항: 본 사이트에 재게시된 글들은 공개 플랫폼에서 가져온 것으로 정보 제공 목적으로만 제공됩니다. 이는 반드시 MEXC의 견해를 반영하는 것은 아닙니다. 모든 권리는 원저자에게 있습니다. 제3자의 권리를 침해하는 콘텐츠가 있다고 판단될 경우, crypto.news@mexc.com으로 연락하여 삭제 요청을 해주시기 바랍니다. MEXC는 콘텐츠의 정확성, 완전성 또는 시의적절성에 대해 어떠한 보증도 하지 않으며, 제공된 정보에 기반하여 취해진 어떠한 조치에 대해서도 책임을 지지 않습니다. 본 콘텐츠는 금융, 법률 또는 기타 전문적인 조언을 구성하지 않으며, MEXC의 추천이나 보증으로 간주되어서는 안 됩니다.