In the first quarter of 2025, the security situation in the Web3.0 field is severe. According to the latest security report, a total of 197 security incidents occurred in this quarter, with total losses amounting to approximately $1.67 billion, a significant increase of 303.4% compared to the previous quarter. One major incident resulted in losses of about $1.45 billion, triggering widespread discussions in the industry regarding the security of trading platforms.
Key Quarterly Data
Total number of security incidents: 197, an increase of 6 compared to the previous quarter.
Total loss: approximately $1.67 billion, a quarter-on-quarter increase of 303.4%
Average loss per incident: $9.55 million
Median Loss: $66,000
Attack Method Analysis
Wallet theft: resulted in the most severe losses, with 3 incidents leading to approximately $1.45 billion stolen.
Private Key Leak: 15 incidents, loss of approximately $140 million
Phishing: 81 attacks, resulting in nearly $16 million in losses, occurring at the highest frequency.
Blockchain Security Distribution
Ethereum has become the most attacked blockchain, with 98 incidents resulting in losses of approximately $1.54 billion.
Fund Recovery Status
This quarter, only $6.39 million of stolen funds was successfully recovered, accounting for 0.4% of the total losses, far lower than the 42.1% recovered in the previous quarter. Notably, no stolen funds were recovered in February 2025.
Security Trend Analysis
Although the total losses caused by phishing are relatively low, their high-frequency nature still poses a significant threat. This may be related to the increasingly sophisticated social engineering strategies, such as counterfeit decentralized applications, malicious browser extensions, and identity impersonation based on deepfakes.
As innovation and attack methods evolve rapidly, security defense measures struggle to keep pace. Hackers are leveraging advanced technologies such as social engineering, AI, and contract manipulation to breach security lines. With the increasing prevalence and rising valuation of digital assets, the amount stolen is expected to continue to increase.
However, advancements in blockchain technology may change this situation in the future. Security innovations such as zero-knowledge proofs, on-chain evidence tools, and multi-party computation wallets are expected to enhance overall protective capabilities and reduce the threats posed by existing attack methods. The next few quarters will be a critical testing period for the risk resistance capability of the Web3.0 industry.
Industry Regulatory Trends
Despite facing security challenges, some significant regulatory and strategic progress was made in the first quarter of 2025:
The U.S. government has announced the establishment of a strategic digital currency reserve to ensure financial interests in the digital asset ecosystem.
The U.S. Securities and Exchange Commission has established a special task force for digital currencies, shifting towards providing clearer regulatory guidance.
The EU has passed technical standards for the Digital Assets Market Act to promote the implementation of compliance regulations for Web3.0.
Security Recommendations
Strengthen private key management and use secure storage methods such as hardware wallets.
Be wary of phishing attacks on social media and instant messaging tools.
Regularly update and audit smart contract code
Adopting advanced security mechanisms such as multi-signature and time locks
Enhance security awareness education for teams and users
In the coming quarters, the Web3.0 industry will face severe security challenges. Project teams, users, and regulatory agencies need to work together to enhance the overall security level in order to cope with the evolving threat landscape.
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
13 Likes
Reward
13
8
Repost
Share
Comment
0/400
RektRecovery
· 07-20 12:19
told ya this was coming... another quarter, another web3 darwin award moment. classic attack vectors never get old smh
Reply0
¯\_(ツ)_/¯
· 07-18 14:54
Ridiculous, so you tell me that wallet security is very important?
View OriginalReply0
StakeOrRegret
· 07-18 00:44
Just popping up in the front row! Even more terrifying than cutting losses and falling is losing the private key.
View OriginalReply0
MetaNeighbor
· 07-18 00:41
Be Played for Suckers this speed is too fierce, right?
View OriginalReply0
DataPickledFish
· 07-18 00:22
What's going on? There were only 5 cases last quarter, and now there are 197 cases this quarter?!
View OriginalReply0
HorizonHunter
· 07-18 00:17
Ridiculous, more than a dozen wallets took away more than half of the losses?
Web3.0 quarterly losses surged 303.4% to $1.67 billion, with wallet theft as the main cause.
Q1 2025 Web3.0 Security Report: Losses Surge 303.4%, Reaching $1.67 Billion
In the first quarter of 2025, the security situation in the Web3.0 field is severe. According to the latest security report, a total of 197 security incidents occurred in this quarter, with total losses amounting to approximately $1.67 billion, a significant increase of 303.4% compared to the previous quarter. One major incident resulted in losses of about $1.45 billion, triggering widespread discussions in the industry regarding the security of trading platforms.
Key Quarterly Data
Attack Method Analysis
Blockchain Security Distribution
Ethereum has become the most attacked blockchain, with 98 incidents resulting in losses of approximately $1.54 billion.
Fund Recovery Status
This quarter, only $6.39 million of stolen funds was successfully recovered, accounting for 0.4% of the total losses, far lower than the 42.1% recovered in the previous quarter. Notably, no stolen funds were recovered in February 2025.
Security Trend Analysis
Although the total losses caused by phishing are relatively low, their high-frequency nature still poses a significant threat. This may be related to the increasingly sophisticated social engineering strategies, such as counterfeit decentralized applications, malicious browser extensions, and identity impersonation based on deepfakes.
As innovation and attack methods evolve rapidly, security defense measures struggle to keep pace. Hackers are leveraging advanced technologies such as social engineering, AI, and contract manipulation to breach security lines. With the increasing prevalence and rising valuation of digital assets, the amount stolen is expected to continue to increase.
However, advancements in blockchain technology may change this situation in the future. Security innovations such as zero-knowledge proofs, on-chain evidence tools, and multi-party computation wallets are expected to enhance overall protective capabilities and reduce the threats posed by existing attack methods. The next few quarters will be a critical testing period for the risk resistance capability of the Web3.0 industry.
Industry Regulatory Trends
Despite facing security challenges, some significant regulatory and strategic progress was made in the first quarter of 2025:
Security Recommendations
In the coming quarters, the Web3.0 industry will face severe security challenges. Project teams, users, and regulatory agencies need to work together to enhance the overall security level in order to cope with the evolving threat landscape.