Hack3d: The Web3 Security Quarterly Report - Q2 + H1 2025

DOWNLOAD

Welcome to Hack3d: The Web3 Security Report for Q2 + H1 2025. Hack3d is the industry's most comprehensive record of statistics and analysis of on-chain security incidents. It equips stakeholders with the knowledge needed to make informed decisions in an increasingly high-stakes environment.

Executive Summary

Q2 2025

A total of $801,315,669 was lost across 144 incidents in Q2 2025. This represents an approximate 52.1% decrease in value lost compared to the previous quarter. There were also 59 fewer incidents than last quarter.
Phishing was the most costly attack vector in Q2 2025, with $395,063,695 stolen across 52 incidents.
Code vulnerability followed, with $235,783,844 stolen across 47 incidents.
Ethereum experienced the highest number of security incidents, with a total of 70 hacks, scams, and exploits leading to $65,370,264 in losses.
The total value of funds returned was $180,950,613, leading to adjusted total losses of $620,365,056 for the quarter.
The average loss per incident was $4,308,091 and the median loss per incident was $103,996.

H1 2025

A total of $2,472,777,618 was lost across 344 incidents in H1 2025.
Wallet compromise was the most costly attack vector in H1 2025, with $1,706,937,700 stolen across 34 incidents.
Phishing was the second most costly, with $410,747,038 stolen across 132 security incidents. Phishing currently accounts for the highest number of security incidents so far this year.
Ethereum experienced the highest number of security incidents, with a total of 175 hacks, scams, and exploits leading to $1,634,891,832 in losses.
The total value of funds returned was $187,341,310, leading to adjusted total losses of $2,285,436,308 for H1 2025.
The average loss per incident was $7,129,980 and the median loss per incident was $89,026.

In our report, we discuss in more detail the latest trends in Web3 security, including an analysis of the most prominent attack vectors, targeted chains, and the top three security incidents. We also highlight a variety of our recently-published technical and educational resources.

Download our Hack3d Q3 report today.

Skynet Crypto ATM Fraud Report

Crypto ATM fraud is one of the fastest-growing financial crime categories in the United States. Criminal organizations exploit the speed and pseudonymity of crypto kiosks to extract funds from vulnerable populations at an accelerating pace. In the Skynet Crypto ATM Fraud Report, we discuss types of crypto ATM attacks, global statistics, attacker profiles, key enforcement actions, detection and mitigation strategies, and recommendations to protect against these types of fraud.

2026년 3월 12일

보고서 ·산업 연구

2026 Skynet Prediction Markets Report

Prediction markets crossed into the mainstream in 2025, with annual trading volume growing 4x and a small number of dominant platforms emerging. Kalshi, Polymarket, and Opinion now control the vast majority of global volume, each pursuing distinct regulatory and technical strategies.

2026년 2월 10일

보고서 ·보안 보고서

Skynet Wrench Attacks Report

In 2025, wrench attacks unfortunately crossed a critical threshold. What was once treated as an edge-case risk has become a structural threat to digital asset ownership. Attackers are no longer acting opportunistically; they are operating as organized, transnational groups that combine OSINT-driven targeting, social engineering, and extreme physical violence to extract private keys.

2026년 2월 2일