Crypto and Web3 security incidents led to over $801.3 million in losses across 144 incidents in Q2 2025. CertiK reported that this reflects a 52.1% decrease in value lost from the previous quarter.
The quarter also saw 59 fewer incidents during this period.
Phishing was the most damaging attack vector, as it saw $395 million being stolen across 52 incidents. Code vulnerabilities followed suit and recorded $235.8 million in losses across 47 incidents.
In its latest report, CertiK said that Ethereum saw the highest number of incidents. The network recorded 70 hacks, scams, and exploits, resulting in $65.4 million in losses for the quarter.
Additionally, funds worth $181 million were recovered, which brought the adjusted losses for the second quarter to $620.4 million. The average loss per incident was $4.3 million, while the median was around $104,000.
Zooming out, the blockchain security firm also reported total losses of $2.47 billion across 344 incidents for the first half of 2025. Wallet compromises were the costliest during this period, as these breaches accounted for $1.71 billion in losses across 34 incidents. Next up was phishing, with $410.7 million stolen across 132 incidents, which made it the most frequent attack type so far this year.
So far this year, Ethereum recorded 175 incidents in H1, resulting in $1.63 billion in losses. A total of $187.3 million was recovered in the first half of the year, pushing the adjusted total losses to $2.29 billion. Meanwhile, the average loss per incident for H1 was $7.13 million, with a median loss of $89,026.
CertiK noted that while headline figures suggest worsening crypto security, two incidents alone accounted for around $1.78 billion of 2025’s losses – the Bybit hack and the Cetus Protocol breach.
Hackers exploited Bybit’s cold wallet infrastructure in February 2025 by altering transaction logic and masking interfaces, which enabled them to steal over $1.5 billion in Ether. North Korea’s notorious state-sponsored hacking entity, the Lazarus Group, was responsible for it.
Besides, Sui-based Cetus, on the other hand, suffered an exploit in an overflow check within the project’s liquidity calculation function, which resulted in $225 million in losses in May.
Without these two incidents, total losses would be $690 million, which essentially indicates that the broader security trend may not be as severe as the raw figures imply.
The post $181M Recovered From Hackers, But Crypto Still Lost $620M in Q2 appeared first on CryptoPotato.
—
Blog powered by G6
Disclaimer! A guest author has made this post. G6 has not checked the post. its content and attachments and under no circumstances will G6 be held responsible or liable in any way for any claims, damages, losses, expenses, costs or liabilities whatsoever (including, without limitation, any direct or indirect damages for loss of profits, business interruption or loss of information) resulting or arising directly or indirectly from your use of or inability to use this website or any websites linked to it, or from your reliance on the information and material on this website, even if the G6 has been advised of the possibility of such damages in advance.
For any inquiries, please contact [email protected]
