The Web3 Hack Report 2025 (Exploited Ledgers)

2026/01/07 18:00

2025 was a reminder that Web3 security risks are evolving faster than many protocols expect.

While the number of hacks actually went down, the financial damage reached new highs. According to our latest analysis, attackers focused on fewer but much more severe exploits — causing massive losses in single events.

Here’s a clear breakdown of what really happened in Web3 security during 2025.

Web3 Lost $2.54 Billion Across 89 Confirmed Incidents

In total, 89 confirmed security incidents were recorded in 2025, leading to $2.54 billion in losses. This is a sharp increase in financial impact compared to previous years, even though the total number of attacks was lower.

What this shows is a shift in attacker strategy. Instead of many small hacks, we’re seeing fewer but far more destructive incidents.

Phishing &Private Key Compromises Caused the Most Damage

Phishing emerged as the most financially devastating attack vector of the year. Just three phishing-related incidents alone accounted for over $1.4 billion in losses.

These attacks didn’t rely on complex smart contract bugs — instead, they exploited human trust, leaked credentials, and compromised private keys.

Ethereum Was the Most Affected Network

Ethereum remained the most targeted blockchain in 2025.

30 incidents
$1.9 billion in total losses

No other network came close to Ethereum in terms of both frequency and financial damage. Its large ecosystem, deep liquidity, and complex infrastructure continue to make it a high-value target for attackers.

Major Incidents That Defined the Year

Some single events had an outsized impact on total losses:

Bybit multisig breach ~$1.4B
Cetus CLMM exploit ~$223M
Balancer V2 exploit ~$128M
Multiple compromises involving centralized infrastructure and access control failures

These incidents reinforced a key lesson. Security failures are no longer limited to smart contracts alone.

Security can no longer be treated as a one-time audit — it needs to cover code, access controls, key management and operational processes together.

The Web3 Hack Report 2025 (Exploited Ledgers) was originally published in Coinmonks on Medium, where people are continuing the conversation by highlighting and responding to this story.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.