GoPlus Annual Security Report: 1,200 serious security incidents resulted in over $3.5 billion in total losses, with attackers' strategies showing a trend of both "precision hunting" and "broad net" approaches

According to data from GoPlus RektDatabase, there were over 1,200 serious security incidents involving users and projects in the Web3 space in 2025, resulting in total losses exceeding $3.5 billion.

The three most common types of attacks and fraud are private key theft (based on viruses, trojans, and social engineering), phishing attacks, and Rug Tokens (fraudulent tokens). Among them, the Bybit theft incident (February 21, $1.5 billion), the Cetus theft incident (May 22, $223 million), and the Balancer theft incident (November 2, $128 million) are the top three events in terms of losses in 2025.

The security situation shows a clear trend of "increased number of large-scale incidents" and "significantly reduced cost of small fraud for users," indicating that attackers' strategies are exhibiting a trend of "precision hunting" and "broad net" simultaneously. Notably, there were 12 attack incidents in 2025 with individual losses exceeding $30 million, of which 7 were in CeFi. The main reasons were the theft of administrator private keys and hot wallet private keys, exposing significant risks.