Highlight

Hack3d: The Web3 Security Quarterly Report - Q2 + H1 2025

Reports ·Security Reports ·
Hack3d: The Web3 Security Quarterly Report - Q2 + H1 2025

DOWNLOAD

Welcome to Hack3d: The Web3 Security Report for Q2 + H1 2025. Hack3d is the industry's most comprehensive record of statistics and analysis of on-chain security incidents. It equips stakeholders with the knowledge needed to make informed decisions in an increasingly high-stakes environment.

Executive Summary

Q2 2025

  • A total of $801,315,669 was lost across 144 incidents in Q2 2025. This represents an approximate 52.1% decrease in value lost compared to the previous quarter. There were also 59 fewer incidents than last quarter.
  • Phishing was the most costly attack vector in Q2 2025, with $395,063,695 stolen across 52 incidents.
  • Code vulnerability followed, with $235,783,844 stolen across 47 incidents.
  • Ethereum experienced the highest number of security incidents, with a total of 70 hacks, scams, and exploits leading to $65,370,264 in losses.
  • The total value of funds returned was $180,950,613, leading to adjusted total losses of $620,365,056 for the quarter.
  • The average loss per incident was $4,308,091 and the median loss per incident was $103,996.

H1 2025

  • A total of $2,472,777,618 was lost across 344 incidents in H1 2025.
  • Wallet compromise was the most costly attack vector in H1 2025, with $1,706,937,700 stolen across 34 incidents.
  • Phishing was the second most costly, with $410,747,038 stolen across 132 security incidents. Phishing currently accounts for the highest number of security incidents so far this year.
  • Ethereum experienced the highest number of security incidents, with a total of 175 hacks, scams, and exploits leading to $1,634,891,832 in losses.
  • The total value of funds returned was $187,341,310, leading to adjusted total losses of $2,285,436,308 for H1 2025.
  • The average loss per incident was $7,129,980 and the median loss per incident was $89,026.

In our report, we discuss in more detail the latest trends in Web3 security, including an analysis of the most prominent attack vectors, targeted chains, and the top three security incidents. We also highlight a variety of our recently-published technical and educational resources.

Download our Hack3d Q3 report today.

Related Blogs

Skynet DPRK Crypto Threats Report
New · Reports ·Security Reports

Skynet DPRK Crypto Threats Report

Our Skynet DPRK Crypto Threats Report discusses key North Korean hacker trends, including amounts stolen, number of incidents, and the most substantial hacks over the past 10 years.

2026 Wrench Attacks Overview
New · Technical Blogs ·Vulnerability Research

2026 Wrench Attacks Overview

After the publication of our February 2026 Wrench Attacks Report, we now look at the continued escalation of wrench attacks, which have become a structural threat for cryptocurrency holders.

Skynet State of Digital Asset Regulations Report
Reports ·Industry Research

Skynet State of Digital Asset Regulations Report

For companies operating or planning to scale globally, the implications are that multi-jurisdictional licensing is now a baseline requirement; AML compliance budgets must align with the scale of enforcement; and security audits are recurring, jurisdiction-specific costs, rather than one-time exercises.