Hackers Are Now Targeting Real World Assets: CertiK Flags $14.6M in 2025 Losses

TLDR:

• Real World Assets exploits reached $14.6M in H1 2025, CertiK data shows, with attackers shifting from DeFi to tokenized assets.
• Top protocols like Ondo, Paxos, and Tether scored AAA or AA ratings in CertiK’s 2025 RWA security review.
• Risks now extend beyond code to oracles, custody, counterparties, and fraudulent proof-of-reserve attestations.
• Ethereum leads in RWA tokenization, but concentration on a few chains leaves the sector exposed to systemic risk.

Hackers are no longer chasing only DeFi protocols. They are moving into tokenized real world asset projects. CertiK’s latest report tracks this change. 

Losses linked to RWA exploits hit $14.6 million in the first half of 2025. The research shows that threats have moved from off-chain defaults toward operational and on-chain weaknesses. For investors, the numbers show where attackers now see the biggest opportunities.

Real World Assets Security Risks Push Losses Higher

CertiK explained that RWA tokenization introduces hybrid threats. Unlike DeFi tokens, an RWA token represents a claim on something off-chain. This means the attack surface is wider. The risks include oracle manipulation, custodial failures, and fraudulent proof-of-reserve claims.

Losses have reflected this change. According to the report, RWA-related exploits cost $6 million in 2024. In 2023, losses were about $17.9 million. By mid-2025, $14.6 million had already been drained from projects in this space. CertiK pointed out that these attacks are evolving, with more focus now on direct on-chain weaknesses.

The report also stated that value concentration increases risk. Most RWA tokens sit on Ethereum and a handful of leading protocols. If a major chain or protocol faces a breach, the entire market could feel the impact.

Institutional Projects Rank Higher in Security

CertiK’s Skynet RWA Security Spotlight showed stronger security ratings for projects tied to traditional finance. 

Protocols linked with BlackRock and Franklin Templeton ranked higher due to strict compliance and custody systems. This suggests that institutional oversight improves security standards when bridging real world assets into crypto.

Ondo Finance ranked third with a security score above 93. It issues tokens backed by short-term U.S. Treasuries and bank deposits. Paxos followed closely with its regulated PAX Gold token, each backed by an ounce of vaulted gold. Tether Gold came in fifth, reflecting rising demand for inflation-hedging assets backed by physical reserves.

CertiK’s findings show that these projects adopted outside security audits to reinforce trust. The report listed Ondo, Paxos, and Tether among platforms that partnered with CertiK for added due diligence.

The growing focus on RWA projects makes them prime targets for hackers. The numbers prove attackers are adapting quickly, and only the most security-conscious protocols appear to be holding ground.

The post Hackers Are Now Targeting Real World Assets: CertiK Flags $14.6M in 2025 Losses appeared first on Blockonomi.