CertiK released the "Hack3d: Q1 2025 Security Report" (with a link to the full report attached).


CertiK's "Hack3d: Q1 2025 Security Report" has been released, providing an in-depth analysis of the security status in the Web3.0 sector from January to March 2025. A total of 197 security incidents occurred in Q1 2025, with total losses amounting to approximately $1.67 billion, a staggering increase of 303.4% compared to the previous quarter. The Bybit incident alone resulted in losses of about $1.45 billion, sparking widespread discussions about the security of centralized exchanges.

Key Data

Quarterly Data: In Q1 2025, the Web3.0 industry experienced 197 on-chain security incidents, with total losses of approximately $1.67 billion. Compared to the previous quarter, total losses increased by about 303.4%, and the number of security incidents rose by 6.

Methods of Attack: Wallet thefts caused the most significant financial losses in Q1 2025, with just 3 incidents leading to approximately $1.45 billion stolen. Following this were private key leaks (a subcategory of wallet vulnerabilities), with 15 incidents resulting in total losses of about $140 million. Although the individual loss amounts from phishing attacks were lower, they occurred most frequently, with 81 phishing attacks this quarter causing nearly $16 million in losses.

On-Chain Distribution: Ethereum was the blockchain that suffered the most security incidents, with 98 attacks, frauds, and exploits, totaling losses of approximately $1.54 billion.

Recovery of Losses: This quarter, $6.39 million of stolen funds was successfully recovered, resulting in an adjusted actual loss total of about $1.66 billion. The amount recovered this quarter accounted for only 0.4% of total losses, far below the previous quarter's 42.1%, making the actual net loss even more severe. In fact, no stolen funds were successfully recovered in February 2025.

The average loss per incident was approximately $9.55 million, with a median loss of about $66,000.

Security Trends

Although the total loss from phishing this quarter was far lower than that from private key leaks and wallet thefts, phishing incidents still outnumbered those of any other attack method. The dispersed risk posed by high-frequency, low-loss phishing attacks can no longer be ignored.

The increase in phishing may be related to increasingly sophisticated social engineering strategies, such as fake decentralized applications (dApps), malicious browser extensions, and deepfake-based identity impersonation techniques, making it easier for users to unknowingly disclose sensitive information.

The race between innovation and attacks is accelerating, and the development of security defenses is struggling to keep pace with increasingly complex attack methods. Hackers are leveraging social engineering, AI, contract manipulation, and other means to breach security defenses. As the adoption rate of digital assets increases and asset valuations rise, CertiK predicts that the amount of stolen digital assets may continue to climb.

However, advancements in blockchain technology may change this situation in the future. Security innovations such as zero-knowledge proofs (ZKP), on-chain forensic tools, and multi-party computation (MPC) wallets are expected to enhance overall protective capabilities and reduce the threats posed by existing attack methods. The next few quarters will be a critical test period for the Web3.0 industry's risk resilience.

Industry Trends

Despite facing significant security incidents, Q1 2025 saw some important regulatory and strategic developments.

For instance, the U.S. government announced the establishment of the Strategic Cryptocurrency Reserve, aimed at ensuring U.S. financial interests in the digital asset ecosystem. Additionally, the U.S. Securities and Exchange Commission (SEC) formed the Crypto Task Force to provide clearer regulatory guidance, moving away from the previous "enforcement-first" strategy that hindered innovation. The European Union finalized technical standards through the Markets in Crypto-Assets Regulation (MiCA), further advancing its regulatory implementation in the Web3.0 compliance field.

Quarterly Review

At the beginning of this quarter, CertiK co-founder Professor Gu Ronghui visited South Korea for strategic cooperation discussions and officially signed a Memorandum of Understanding (MOU) with the Busan Digital Asset Exchange (Bdan). During this time, Professor Gu also met with key South Korean partners such as Wemix, Kaia, United Games, and GBBC to further expand cooperation. Additionally, Professor Gu was invited to give interviews to prominent South Korean media outlets etoday and TokenPost, sharing insights on the South Korean market, global regulatory trends, and CertiK's strategic layout.

During the Hong Kong Consensus in February, CertiK co-hosted the "CertiK Space" event with OceanBase and OKLink. During the event, Professor Gu Ronghui gave an interview, systematically explaining the trend of the co-evolution of technology, business, and regulation; CertiK's Chief Technology Officer, Professor Li Kang, analyzed the threats posed by the evolving tactics of hacker organizations.

This quarter, CertiK also released the latest research work in collaboration with Ant Group, focusing on the formal verification of core components of the Asterinas operating system, which attracted attention and coverage from well-known media outlets such as Phoenix News, NetEase News, and Sina Finance.

Additionally, CertiK published several technical analyses and popular science articles this quarter:

At the same time, CertiK's Chief Business Officer appeared on the Cointelegraph podcast to discuss the Bybit incident and delve into Web3.0 security.

Conclusion

CertiK possesses profound industry insights and has long provided various analyses of security incidents, security guidelines, annual and quarterly security reports, conveying critical security information to the industry. Once released, the security report receives significant attention from the industry and is quickly reported and cited by core media in the Web3.0 field, such as CoinDesk and Cointelegraph.

CertiK's quarterly report also provides an in-depth analysis of the most attacked blockchains, the three major security incidents of the quarter, the development trends in Web3.0, and offers suggestions for users and project parties to enhance security.

We welcome everyone to click here to read the complete "Hack3d: 2024 Annual Security Report" for a more comprehensive analysis, insights, and recommendations.

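Disclaimer: This article represents only the personal views of the author and does not represent the position or views of this platform. This article is for information sharing only and does not constitute investment advice to anyone. Any dispute between users and the author is unrelated to this platform. If an article or image published on this page involves infringement, please send the relevant proof of rights and proof of identity by e-mail to support@aicoin.com, and the platform's staff will review it.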
