Web3 Loses $3.1B in H1 2025 as AI-Driven Attacks Soar 1,025%

Generated by AI AgentCoin World
Thursday, Jul 24, 2025 12:28 pm ET1min read
ETH
--
UNI
--
Aime RobotAime Summary

- Hacken's 2025 H1 Web3 security report reveals $3.1B in losses from exploits, surpassing 2024's total with AI-driven attacks surging 1,025%.

- Ethereum (61.4%) and access control failures ($1.83B) dominated losses, while phishing and smart contract bugs added $600M and $263M respectively.

- Major breaches like Munchables ($290M) and Pike Finance ($136M) highlight risks as AI vulnerabilities and weak input validation accelerate threats.

- DeFi protocols accounted for 69% of incidents, prompting calls for proactive cybersecurity frameworks and regulatory coordination against evolving attack vectors.

The Hacken 2025 Half-Year Web3 Security Report, released on July 24, reveals that Web3 platforms lost $3.1 billion to exploits and scams in the first half of the year—a figure surpassing the total losses recorded in 2024 [1]. This marks 2025 as the most expensive year for Web3 security, with

Ethereum
accounting for 61.4% of the total losses, followed by BNB Chain (20.2%) and Arbitrum (11.4%) [1]. The report highlights a 1,025% surge in AI-related attack vectors compared to the second half of 2024, driven by vulnerabilities in AI inference layers, insecure API design, and weak input validation [1].

Access control failures emerged as the leading cause of losses, responsible for $1.83 billion of the $3.1 billion total, with most incidents occurring in Q1 2025 [1]. Phishing and social engineering attacks contributed $600 million to the losses, while smart contract bugs accounted for $263 million, the highest quarterly total for DeFi since early 2023 [1]. The report identifies the Munchables breach ($290 million) and the Pike Finance series of attacks ($136 million) as the largest incidents of the period, alongside a $12 million loss in the

Uniswap
V4 ecosystem due to a hook-related exploit [1].

The rise in AI-driven exploits underscores a critical challenge: the rapid integration of complex technologies outpacing the development of security frameworks. Hacken Co-Founder and CBDO Yevheniia Broshevan described 2025 as a “wake-up call,” emphasizing the need for cybersecurity to transition from a reactive measure to a core business function as blockchain scales in enterprise contexts [1]. The report recommends continuous monitoring, automated defense systems, and updated auditing standards to address the growing sophistication of threats, particularly in environments blending Web3 protocols with AI models [1].

DeFi protocols accounted for 69% of all incidents in H1 2025, while CeFi attacks, though fewer in number, often resulted in larger individual losses [1]. The convergence of financial and infrastructure attack vectors has also drawn attention to the strategic targeting of blockchain infrastructure by geopolitical actors and financially motivated groups [1]. The report warns that traditional cybersecurity threats and on-chain vulnerabilities may require unprecedented regulatory coordination among Web3-native firms, national agencies, and cybersecurity vendors [1].

Source: [1] [Hacken Report Flags $3.1B Web3 Meltdown, 1,025% Spike in AI Attacks] [https://cryptonews.com/news/hacken-report-3-1b-web3-meltdown-ai-attacks/]