Blog / web3-exploits-2025-h1-report
DeFi is going through one of its toughest stretches since early 2023, with attackers ramping up their use of social engineering and AI-powered tactics to exploit weak spots.
This shifting threat landscape has affected projects not just in DeFi, but also in CeFi and AI-integrated platforms.
0xTeamโs 2025 Mid-Year Web3 Security Report is now out, providing a detailed look at the hacks, scams, vulnerabilities, and overall security trends from the first half of 2025.
Our research shows around $3 billion was lost during this time, highlighting the scale of the challenges faced across the ecosystem.
Key Insights from H1 2025 Web3 Security:
- 1. ~$3 billion was lost in hacks, exploits, and scams across the crypto ecosystem in the first half of 2025.
- 2. Access control vulnerabilities led to the highest financial losses, accounting for approximately $1.83 billion stolen.
- 3. Social engineering and phishing attacks surged, causing around $600 million in losses.
- 4. AI-driven attacks increased dramatically, growing by over 1,000%, often exploiting insecure APIs and AI model vulnerabilities.
- 5. Smart contract bugs remained a major threat, resulting in nearly $263 million in losses, marking DeFiโs toughest quarter since early 2023.
- 6. Centralized exchanges (CEXs) were heavily targeted, suffering more than 54% of total stolen funds, with rapid laundering of assets post-attack.
- 7. Continuous security audits, live monitoring, and threat intelligence are critical to detecting and mitigating these evolving risks.
.png&w=3840&q=75)
