Increased Warnings Issued by CertiK Regarding Rising Phishing Attempts
In the ever-evolving world of cryptocurrency, the Web3 ecosystem is facing a complex and dynamic threat landscape for 2025. According to the latest reports by CertiK and other experts, the year ahead promises challenges that span from technical vulnerabilities to human factors and access control weaknesses.
The most costly attack vector in 2024 was phishing, with more than $1 billion stolen through 296 attacks, as reported by CertiK. However, unreported incidents and similar scams are expected to push the real tally of losses higher. Hacken experts estimated that total Web3-market losses in 2024 exceeded $2.9 billion.
Phishing tactics are expected to evolve in 2025, potentially incorporating artificial intelligence. Despite this, the largest loss in Japan in 2024, following the Coincheck breach, was the May attack on Japanese cryptocurrency exchange DMM Bitcoin, resulting in a loss of 4,502 BTC, worth approximately $320 million at the time. DMM Bitcoin announced liquidation in December 2024.
Phishing was not the only threat in 2024. Critical code vulnerabilities remain a concern. In 78% of cases, exploits stemmed from access control vulnerabilities, according to Hacken experts. Direct losses from Real-World Asset (RWA) specific exploits reached about $14.6 million in the first half of 2025, surpassing $6 million in 2024 and approaching the $17.9 million lost in 2023.
The second most significant threat identified by CertiK analysts in 2024 was private key compromise, leading to over $855 million in losses across 65 incidents. This shift from attacks on technical cryptographic flaws toward targeting human and procedural weaknesses is a concerning trend for 2025.
As we move forward, the Web3 ecosystem will need to address these threats head-on. The 2025 Skynet RWA Security Report, along with industry data, provides valuable insights to help shape our understanding of the current threat landscape and offers information on what's next.
[1] CertiK 2025 Skynet RWA Security Report [2] Cointelegraph Report on 2024 Web3 Losses [3] Hacken Expert Analysis on 2024 Web3 Threats [4] Chainalysis Report on North Korean Hacking in 2024 [5] The 2024 Hack3d Report
Bitcoin, with its massive value, remains a prime target for cyber attacks, as evidenced by the May attack on Japanese cryptocurrency exchange DMM Bitcoin in 2024, resulting in a loss of 4,502 BTC worth approximately $320 million. With the shifting trend from attacks on technical cryptographic flaws toward targeting human and procedural weaknesses, the role of cybersecurity in Defi and the broader Web3 ecosystem becomes increasingly critical as we move towards 2025. [Skynet RWA Security Report 2025, Cointelegraph Report on 2024 Web3 Losses, Hacken Expert Analysis on 2024 Web3 Threats]
