Crypto and Web3 safety incidents led to over $801.3 million in losses throughout 144 incidents in Q2 2025. CertiK reported that this displays a 52.1% lower in worth misplaced from the earlier quarter.
The quarter additionally noticed 59 fewer incidents throughout this era.
Ethereum Hit Hardest Once more
Phishing was probably the most damaging assault vector, because it noticed $395 million being stolen throughout 52 incidents. Code vulnerabilities adopted swimsuit and recorded $235.8 million in losses throughout 47 incidents.
In its newest report, CertiK said that Ethereum noticed the very best variety of incidents. The community recorded 70 hacks, scams, and exploits, leading to $65.4 million in losses for the quarter.
Moreover, funds value $181 million have been recovered, which introduced the adjusted losses for the second quarter to $620.4 million. The typical loss per incident was $4.3 million, whereas the median was round $104,000.
Zooming out, the blockchain safety agency additionally reported complete losses of $2.47 billion throughout 344 incidents for the primary half of 2025. Pockets compromises have been the most expensive throughout this era, as these breaches accounted for $1.71 billion in losses throughout 34 incidents. Subsequent up was phishing, with $410.7 million stolen throughout 132 incidents, which made it probably the most frequent assault kind thus far this 12 months.
To date this 12 months, Ethereum recorded 175 incidents in H1, leading to $1.63 billion in losses. A complete of $187.3 million was recovered within the first half of the 12 months, pushing the adjusted complete losses to $2.29 billion. In the meantime, the typical loss per incident for H1 was $7.13 million, with a median lack of $89,026.
Two Main Hacks Skew Pattern
CertiK famous that whereas headline figures recommend worsening crypto safety, two incidents alone accounted for round $1.78 billion of 2025’s losses – the Bybit hack and the Cetus Protocol breach.
Hackers exploited Bybit’s chilly pockets infrastructure in February 2025 by altering transaction logic and masking interfaces, which enabled them to steal over $1.5 billion in Ether. North Korea’s infamous state-sponsored hacking entity, the Lazarus Group, was answerable for it.
Moreover, Sui-based Cetus, however, suffered an exploit in an overflow examine inside the challenge’s liquidity calculation operate, which resulted in $225 million in losses in Could.
With out these two incidents, complete losses could be $690 million, which primarily signifies that the broader safety development is probably not as extreme because the uncooked figures suggest.
Binance Free $600 (CryptoPotato Unique): Use this link to register a brand new account and obtain $600 unique welcome supply on Binance (full details).
LIMITED OFFER for CryptoPotato readers at Bybit: Use this link to register and open a $500 FREE place on any coin!
