
CredShields has released its Web3 Security report for the first half of 2025. It draws on data from Web3HackHub, over 2.5 million SolidityScan runs, and a substantial amount of manual review. The headline figure is hard to ignore: $2.72 billion was lost across 56 incidents. Notable cases include the $1.45B Bybit hack, the $250M LIBRA insider scheme, and the $223M Cetus Protocol integer-overflow exploit on Sui.
What the Report Found:
A total of $2.72B was taken in 56 separate attacks in the first half of 2025. Most of the damage came from exchange-related incidents.
How attackers got in, by losses attributed to each vector:
- Compromised systems and interfaces ($1.45B)
- Access control failures ($1.3B)
- Simple coding mistakes ($350M)
- Oracle manipulation and overflows ($230M)
- Stolen private keys ($74M)
- Scams ($300M)
- Social engineering ($35M)
Where the losses happened: Ethereum was hit hardest (about 65% of the losses). BNB Chain and Solana each lost around $250M. Sui lost $223M, and Arbitrum lost $56M.
The largest incidents: Bybit (compromised user interface, $1.45B), LIBRA (insider scam, $250M lost by ordinary users, $110M gained by insiders), Cetus Protocol (integer overflow, $223M), Nobitex (hack in which around $90M was burned), Phemex (hot wallet breach, $70–73M), UPCX (admin upgrade gone wrong, $70M), and Infini (hidden backdoor, $49.5M).
Shashank, Co-founder at CredShields, said, ‘Think about security from the start to avoid fixing problems later. Easy access happens through bad user interfaces, roles with too much power, unsafe third-party stuff, and quick listings. Secure your permissions, always scan for problems. If you’re pushing updates every week, check your security every day.’
What to Do Now, According to the Report:
- Build security in from the start of development
- Catch problems early with automated detection (such as SolidityScan, which ships with a large set of detectors)
- Combine automated checks with manual reviews, monitor contracts after launch, and run a bug bounty program
- Strengthen cross-chain security, limit permissions, and harden oracles
- Reduce risk with strong key management, multi-signature requirements, and monitoring for insider threats
- Use the OWASP Smart Contract Top 10 as a baseline security guide.
What Could Happen Next:
Attackers may bypass multisigs by compromising the surrounding systems and interfaces rather than the keys themselves (as in the Bybit case).
Fast listings and insider deals can hurt ordinary users (as in LIBRA and Ionic).
Flaws in third-party code can still cause losses (as in the Cetus overflow).
About the Report:
The State of Web3 Security report for the first half of 2025 uses data from Web3HackHub, over 2.5M SolidityScan runs, and CredShields’ own reviews to show where funds are being lost, how, and what to do about it.
About CredShields:
CredShields helps secure Web3 with audits and security tooling. Its SolidityScan tool checks for common issues, maps findings to the OWASP Smart Contract Top 10, and integrates with development workflows to stop hacks before deployment. Web3HackHub is CredShields’ collection of past and present incidents, intended to help the community learn how to protect itself.
Media Contact: shreya@credshields.com
Disclaimer: This is a paid release. The statements, views and opinions expressed in this column are solely those of the content provider and do not necessarily represent those of Bitcoinist. Bitcoinist does not guarantee the accuracy or timeliness of information available in such content. Do your research and invest at your own risk.
