Web3 Cyberattacks Spur $3.35 Billion in Losses, Pressuring Regulators to Act

Generated by AI AgentJax MercerReviewed byAInvest News Editorial Team
Monday, Dec 29, 2025 9:40 am ET2min read
CRCL
--
Aime RobotAime Summary

- Web3 industry lost $3.35B to 2025 cyberattacks, with North Korean groups responsible for nearly half the thefts.

- The $1.5B Bybit breach exploited third-party multi-signature wallet vulnerabilities, bypassing security safeguards.

- Poor key security and operational failures caused 54% of losses, exposing widespread access control and monitoring gaps.

- Regulators are pushing for institutional-grade security standards, but inconsistent implementation and AI-enhanced phishing attacks persist as challenges.

- Market volatility and rising cybersecurity demand highlight the need for real-time threat sharing and mandatory compliance frameworks in 2026.

The Web3 industry faced a record year of cyberattacks in 2025, with over $3.35 billion in crypto funds stolen across the blockchain ecosystem. Hacken, a leading cybersecurity firm, reported that nearly half of these losses were attributed to North Korea-linked groups. The scale of these attacks, particularly the Bybit breach, highlights a growing vulnerability in digital asset infrastructure.

The largest single theft of the year, the Bybit breach, saw nearly $1.5 billion stolen in February. Hacken described this incident as the most significant crypto heist in history. Unlike traditional thefts, the attackers compromised the exchange's third-party multi-signature wallet environment, bypassing multi-approval safeguards.

According to the Hacken 2025 Security Report, poor key security and operational failures were responsible for about 54% of all losses. Issues such as weak access controls, unrevoked developer privileges, and a lack of Endpoint Detection and Response systems were widespread across the industry. These vulnerabilities were exploited by hackers, especially those linked to North Korea.

Why the Standoff Happened

Yehor Rudystia, head of forensic at Hacken Extractor, noted that while regulators have increasingly defined what constitutes "good" security in the Web3 space, many companies continued to adopt insecure practices. Role-based access control, secure onboarding, and multi-sig custody are now mandated in major jurisdictions, yet implementation remains inconsistent.

Regulators in the US, European Union, and other key jurisdictions have outlined principles for institutional-grade security, including cold storage, multi-party computation, and continuous monitoring. However, Rudystia said that these requirements are still evolving and not universally enforced.

Phishing attacks also contributed to the problem. In 2025, 248 phishing-related incidents were recorded, causing around $723 million in losses. CertiK, another major security firm, noted that attackers are increasingly using AI to lower the entry barrier for social engineering attacks.

How Markets Reacted

The growing number of attacks has led to increased scrutiny from regulators and law enforcement. Hacken recommended that authorities mandate real-time threat intelligence sharing and graduated penalties for non-compliance, particularly concerning North Korea-linked threats.

Yevheniia Broshevan, CEO of Hacken, emphasized the need for the industry to adopt clear protocols for using dedicated signing hardware and implementing essential monitoring tools. He predicted that as regulatory frameworks become more concrete, the overall security of Web3 platforms would improve.

In response to the 2025 breaches, firms like CertiK and Hacken are urging for more robust incident response strategies. These include regular penetration testing, custody control reviews, and independent financial audits. Large exchanges and custodians are being advised to treat these practices as non-negotiable in 2026.

What This Means for Investors

For investors, the 2025 security landscape presents both risks and opportunities. On one hand, the rise in cyberattacks has led to a growing demand for cybersecurity solutions. Companies like Acronis have seen recognition for their advancements in endpoint protection and threat detection.

On the other hand, the instability in the market has led to volatility in crypto assets. For example,

Circle
Internet reported strong Q3 2025 results, with a 66% year-over-year revenue increase. However, shares still fell in pre-market trading, reflecting investor concerns over guidance and market conditions.

The Bybit breach and others have also sparked discussions around the need for better regulatory oversight. As the industry moves into 2026, companies that adopt best practices in security and compliance are likely to gain a competitive edge. For investors, the key will be to monitor these developments closely and favor platforms that demonstrate robust security measures and regulatory alignment.

Comments



Add a public comment...
No comments

No comments yet