2025 was a reminder that Web3 security risks are evolving faster than many protocols expect.
While the number of hacks actually went down, the financial damage reached new highs. According to our latest analysis, attackers focused on fewer but much more severe exploits - causing massive losses in single events.
Here's a clear breakdown of what really happened in Web3 security during 2025.
Web3 Lost $2.54 Billion Across 89 Confirmed Incidents
In total, 89 confirmed security incidents were recorded in 2025, leading to $2.54 billion in losses. This is a sharp increase in financial impact compared to previous years, even though the total number of attacks was lower.
What this shows is a shift in attacker strategy. Instead of many small hacks, we're seeing fewer but far more destructive incidents.
Phishing & Private Key Compromises Caused the Most Damage
Phishing emerged as the most financially devastating attack vector of the year. Three phishing-related incidents alone accounted for over $1.4 billion in losses.
These attacks didn't rely on complex smart contract bugs - instead, they exploited human trust, leaked credentials, and compromised private keys.
Ethereum Was the Most Affected Network
Ethereum remained the most targeted blockchain in 2025.
- 30 incidents
- $1.9 billion in total losses
No other network came close to Ethereum in terms of both frequency and financial damage. Its large ecosystem, deep liquidity, and complex infrastructure continue to make it a high-value target for attackers.
Want the Full Breakdown?
If you want incident-by-incident analysis, attack patterns & lessons learned, you can explore the complete report here: Web3 Hack Report 2025
Major Incidents That Defined the Year
Some single events had an outsized impact on total losses:
- Bybit multisig breach ~$1.4B
- Cetus CLMM exploit ~$223M
- Balancer V2 exploit ~$128M
- Multiple compromises involving centralized infrastructure and access control failures
These incidents reinforced a key lesson. Security failures are no longer limited to smart contracts alone.
Security can no longer be treated as a one-time audit - it needs to cover code, access controls, key management and operational processes together.