CertiK Annual Security Report: Web3 Losses Increase 37% Year-on-Year in 2025, Phishing Attacks and Supply Chain Incidents Emerge as Major Threats

marsbitPublished on 2025-12-25Last updated on 2025-12-25

Abstract

CertiK's 2025 Skynet Hack3D Security Report reveals that the Web3 industry suffered approximately $3.35 billion in losses across 630 security incidents, a 37% increase from 2024. While the number of incidents decreased by 137, the average loss per attack surged by 66.6% to $5.32 million, indicating a trend toward targeting high-value assets. The most significant losses resulted from supply chain attacks, which accounted for nearly half of the total losses ($1.45 billion) despite only two recorded incidents. The largest was the February Bybit breach, where attackers compromised a third-party multi-signature wallet service to bypass security protocols. Phishing remained the most frequent threat, with 248 incidents causing $723 million in losses. The report warns that AI is amplifying these attacks by generating highly convincing fake websites and targeted scam messages, making traditional defenses less effective. Amid growing risks, regulatory clarity is improving globally, with advancements in U.S. stablecoin legislation and frameworks like MiCA in the EU. Security is shifting from a reactive cost to a core infrastructure element. The report concludes that projects embedding security into their design and development will be better positioned for the future.

On December 23, CertiK, the world's largest Web3 security company, released the "2025 Skynet Hack3D Web3 Security Report," systematically outlining the major security incidents and risk trends in the Web3 space over the past year. The report indicates that while the Web3 industry is accelerating its development amid a recovering market environment and clearer regulatory expectations, security risks have not eased and continue to pose systemic security threats.

The report shows that in 2025, the Web3 space experienced 630 security incidents, resulting in total losses of approximately $3.35 billion, a 37% year-on-year increase compared to 2024. Although the number of incidents decreased by 137 compared to the previous year, the average loss per attack reached $5.322 million, a sharp increase of 66.6%, highlighting the trend of attackers targeting high-value objectives.

Supply Chain Attacks Drive Annual Losses Higher

In terms of attack types, supply chain attacks became the largest source of losses in 2025. Despite only two recorded incidents throughout the year, the cumulative losses amounted to $1.45 billion, accounting for nearly half of the total annual losses. The majority of these losses stemmed from the Bybit incident in February.

According to the report, the security incident experienced by Bybit in February 2025 resulted in approximately $1.4 billion in losses, making it one of the largest cryptocurrency thefts to date. The attackers did not directly breach the exchange's system but instead infiltrated the developer environment of a third-party multi-signature wallet service provider, embedding malicious code in the signing process to bypass multiple approval mechanisms.

CertiK noted in the report that such incidents reflect attackers increasingly focusing their resources on critical service providers and underlying tools rather than individual protocols, underscoring that supply chain security has become an unavoidable systemic risk.

High Frequency of Phishing Attacks, AI Acts as an "Amplifier"

In terms of attack frequency, phishing remained the most common security threat in 2025. The report shows that a total of 248 phishing attack incidents were recorded throughout the year, resulting in approximately $723 million in losses, slightly higher than the number of code vulnerability attacks (240 incidents).

Notably, CertiK believes this figure may still be an underestimate. A significant number of phishing and scam incidents targeting individual users were not formally disclosed, especially those involving smaller losses or off-chain social engineering attacks.

The report emphasizes that the proliferation of artificial intelligence is significantly lowering the technical barriers to phishing attacks. Attackers are increasingly using AI to generate highly realistic phishing websites, wallet pop-ups, and multilingual scam messages, combined with on-chain data and social media content for "precision targeting." Traditional defense methods relying on grammatical errors or template features for identification are gradually becoming ineffective.

Regulatory Clarity Increases, Security Shifts from "Cost Item" to "Infrastructure"

Amid rising risks, the report also notes positive changes in the global regulatory environment. Legislative progress in the U.S. around stablecoins and digital asset transparency has sent clearer policy signals to the industry. Regulatory frameworks such as the EU's MiCA, Singapore's regulatory sandbox, and Hong Kong's initiatives are also pushing Web3 toward a more standardized development phase.

CertiK pointed out in the report that as institutional and compliant funds continue to enter the space, security capabilities are transitioning from "post-incident remediation" to an infrastructure element in project design and operations. For both project teams and individual users, security is no longer optional but a critical factor affecting long-term viability.

The report concludes by projecting that in the coming year, AI-driven impersonation attacks, increasingly complex supply chain intrusions, and social engineering attacks targeting individual users will continue to evolve. In this context, projects that embed security into architectural design, development processes, and user experience are more likely to stand out in the next wave of Web3 competition.

Full report: https://indd.adobe.com/view/6935ac85-c644-4048-9e27-1d310549aa0a

Related Questions

QAccording to CertiK's 2025 report, what was the total financial loss in the Web3 sector and what was the year-over-year percentage increase?

AThe total financial loss in the Web3 sector was approximately $3.35 billion, representing a 37% year-over-year increase compared to 2024.

QWhich type of attack was identified as the largest source of loss in 2025, and what was a key characteristic of the Bybit incident?

ASupply chain attacks were the largest source of loss. A key characteristic of the Bybit incident was that attackers did not directly breach the exchange's system but instead compromised a third-party multi-signature wallet service provider's developer environment to inject malicious code.

QWhat was the most frequent type of attack in 2025, and how is AI impacting this threat?

APhishing attacks were the most frequent, with 248 recorded incidents. AI is acting as an 'amplifier' by lowering the technical barrier, enabling attackers to create highly realistic phishing sites, wallet pop-ups, and multi-language scam messages for 'precision targeting'.

QHow did the average loss per attack change in 2025, and what does this trend indicate?

AThe average loss per attack reached $5.322 million, a sharp increase of 66.6% year-over-year. This trend highlights that attackers are concentrating their efforts on higher-value targets.

QHow is the role of security changing for Web3 projects according to the report's view on the evolving regulatory landscape?

AWith clearer regulations and more institutional capital entering the space, security is shifting from being a 'cost item' and 'remedial measure' to a fundamental 'infrastructure' element that is integrated into project design and operations, crucial for long-term viability.

Related Reads

The Second Half of Macro Influencer Fu Peng's Career

Fu Peng, a prominent Chinese macroeconomist and former chief economist of Northeast Securities, has joined Hong Kong-based digital asset management firm Bitfire Group (formerly New Huo Group) as its chief economist. This move, announced in April 2026, triggered an 11% surge in Bitfire's stock price. Fu, known for his accessible macroeconomic commentary and large social media following, will focus on integrating digital assets into global asset allocation frameworks, particularly combining FICC (fixed income, currencies, and commodities) with cryptocurrencies for institutional clients. His career includes roles at Lehman Brothers and Solomon International, with significant influence gained through public communication. However, in late 2024, Fu faced temporary social media bans after a controversial private speech at HSBC on China's economic challenges, though he denied regulatory sanctions. He later left Northeast Securities citing health reasons. Bitfire, a licensed virtual asset manager serving high-net-worth clients, seeks to build trust and attract traditional capital through Fu’s expertise and credibility. The partnership represents a strategic shift for both: Fu enters the crypto sector after a traditional finance peak, while Bitfire aims to leverage his macro framework for institutional adoption. Outcomes remain uncertain regarding capital inflows and compatibility within corporate structure.

marsbit1h ago

The Second Half of Macro Influencer Fu Peng's Career

marsbit1h ago

Stablecoins Don’t Meet Core Requirements Of Money, BIS Says

The Bank for International Settlements (BIS) General Manager, Pablo Hernández de Cos, stated that existing stablecoins fail to meet the core requirements of money, specifically "singleness" and "interoperability." Singleness refers to the need for different forms of money to be interchangeable at par value, which is ensured by central banks in traditional finance but not in decentralized stablecoins. Interoperability means seamless cross-platform transactions, which stablecoins currently lack due to fragmentation across multiple blockchains. These shortcomings limit stablecoins' network effects and widespread acceptance, keeping them a "niche" payment instrument. However, de Cos acknowledged their potential to improve cross-border payments, though he also warned of risks to financial stability and monetary policy. Despite a bearish crypto market, the stablecoin market cap has reached a new all-time high of over $320 billion.

bitcoinist1h ago

Stablecoins Don’t Meet Core Requirements Of Money, BIS Says

bitcoinist1h ago

What Does the Outcome of the Midterm Elections Mean for Trump and Crypto?

The article analyzes the potential impact of the upcoming US midterm elections on Trump and cryptocurrency policy. Historically, the president's party loses congressional seats in 90% of midterms since 1946, making a Republican loss in the House highly probable. Current predictions suggest Democrats may take the House while Republicans retain the Senate, resulting in a divided government. Despite potential losses, Trump could still advance crypto-friendly policies through executive orders, agency appointments (if the Senate is held), budget reconciliation, and veto power. However, major structural bills like the CLARITY Act or a comprehensive stablecoin law would likely stall without a Republican majority in both chambers. The crypto industry has invested heavily ($288 million) in the elections to push for favorable legislation before the midterm window closes in mid-2026. While Trump remains the most crypto-friendly US president to date, advancing key reforms may be delayed until after 2028 if the legislative window is missed. The overall pro-crypto shift in US politics is seen as irreversible, even if progress slows temporarily.

marsbit2h ago

What Does the Outcome of the Midterm Elections Mean for Trump and Crypto?

marsbit2h ago

Cardano Leadership Structure Comes Under Scrutiny, Clouding Its Future – See Why

Cardano is recognized as one of the most decentralized blockchains, yet recent criticism highlights its lack of clear leadership. Analyst Cardano Yoda argues that despite the introduction of on-chain governance—which involves DReps (governance decision-makers) and Pentad (leadership and execution)—the network remains centralized in practice. While DReps control treasury spending, they lack coordination and strategic direction, relying instead on founding entities like IOG, the Cardano Foundation, and EMURGO. This creates fragmented leadership and accountability issues. Yoda suggests that DReps should evolve into a more coordinated body, possibly through a board or DAOs, to define strategy and improve governance effectiveness. Enhanced cooperation between DReps, founding entities, and Intersect is essential for Cardano’s future leadership clarity and operational unity.

bitcoinist4h ago

Cardano Leadership Structure Comes Under Scrutiny, Clouding Its Future – See Why

bitcoinist4h ago

Bitcoin Must Do This To Continue The Rally, Or It Will Be Over

A crypto analyst known as "Swarmik" has identified 17 key price levels where Bitcoin (BTC) could find support if selling pressure increases. The analysis suggests that BTC's overall outlook remains bullish, and any successful bounce from these levels could drive it back to all-time highs or beyond. The first critical support is at $70,931, followed by levels such as $68,931 (an "Imbalance Zone"), $66,638 (a "Reversal Line"), and $64,491 (a "Psychological Level"). Further down, Fibonacci retracements and other technical zones like "Fair Value Gap" and "Order Block" are highlighted. If the decline continues, lower supports include $51,612 ("Demand Zone") and $49,466 ("Supply Zone"). The analyst warns that a drop below $34,732 would invalidate the bullish structure, potentially ending the rally.

bitcoinist5h ago

Bitcoin Must Do This To Continue The Rally, Or It Will Be Over

bitcoinist5h ago

Trading

Spot
Futures
活动图片

Hot Categoriesright-arrow

Hot Tagsright-arrow