Monthly Dynamics: Web3 Security Incidents Total Losses Approximately $82.89 Million

In August 2025, the total loss from Web3 security incidents was approximately US$82.89 million.

Author: SlowMist Technology

Overview

In August 2025, Web3 security incidents resulted in a total loss of approximately $82.89 million. According to the SlowMist Blockchain Hack Archive (https://hacked.slowmist.io), nine hacking incidents occurred, resulting in approximately $70.73 million in losses, with $6.3 million frozen or returned. The incidents were caused by contract vulnerabilities, scams, and account hacks. Furthermore, according to Scam Sniffer, a Web3 anti-fraud platform, there were 15,230 victims of phishing incidents this month, resulting in losses of $12.16 million.

Major security incidents

BtcTurk

On August 14, 2025, the Turkish cryptocurrency exchange BtcTurk was attacked again, resulting in losses of approximately $54 million. Previously, on June 22, 2024, BtcTurk was attacked, resulting in losses of approximately $90 million.

Regarding this incident, BtcTurk admitted that its hot wallet had experienced “unusual activity” and had suspended deposits and withdrawals. However, it did not disclose further details about the scale of the attack.

ODIN.FUN

On August 12, 2025, ODIN.FUN, a Bitcoin-based memecoin issuance platform, was attacked, resulting in a loss of approximately 58.2 BTC (approximately $7 million). The attacker is suspected of manipulating the prices of multiple tokens and then withdrawing Bitcoin at inflated prices. On August 17, ODIN.FUN co-founder Bob Bodily stated, "We made significant progress on the funding front today (as many of you have seen). Over 30 BTC have already been repatriated to ODIN, with more funds being processed."

BetterBank

On August 27, 2025, the PulseChain-based DeFi project BetterBank was attacked, resulting in losses of approximately $5 million. The attacker exploited a contract vulnerability to mint arbitrary tokens, some of which were exchanged for ETH. The attacker subsequently returned approximately 550 million pDAI (approximately $2.7 million) of the stolen assets.

Credix

On August 4, 2025, the decentralized lending protocol Credix was attacked, resulting in losses of approximately $4.5 million. The attacker, by gaining control of the administrator's wallet, forged tokens and drained funds from the liquidity pool. Credix subsequently announced a settlement with the attacker, agreeing to return the funds in exchange for a "full payment of a certain amount from the Credix treasury." However, Credix did not disclose the actual amount paid. Shortly after this announcement, Credix's social media accounts were deleted, and the team disappeared. This sparked speculation that the alleged attack was actually an inside job. To date, the promised compensation has not been paid.

Feature analysis and security recommendations

The events of August demonstrate that centralized platforms' hot wallets remain a high-risk area, potentially leading to significant capital losses if compromised. Contract vulnerabilities continue to frequently occur, with price manipulation and token minting exploited repeatedly, demonstrating a lack of ongoing security maintenance for some protocols after launch. Furthermore, this month saw several teams disappear after incidents, raising questions about whether the so-called "attacks" were in fact a complete abscondment. These types of risks often pose a greater threat to investors.

Overall, fund recovery remains difficult. While some assets have been recovered in individual cases, the percentage is limited, demonstrating that proactive protection is more important than post-event recovery. Therefore, both platforms and users need to continuously enhance their security awareness and preventative measures. The SlowMist Security Team recommends that project owners maintain a high level of vigilance and conduct regular, comprehensive security audits to promptly identify and address potential vulnerabilities. Asset management systems should strengthen wallet tiering and early warning mechanisms, while also monitoring the latest attack methods and security trends to ensure the safety of both assets and users. Regular users can enhance their protection capabilities by referring to the "Blockchain Dark Forest Self-Guard Handbook" (https://github.com/slowmist/Blockchain-dark-forest-selfguard-handbook).

Finally, the events included in this article are the major security incidents of this month. More blockchain security incidents can be viewed in the SlowMist Blockchain Hack Archive (https://hacked.slowmist.io/). Click to read the original article to jump directly.

Disclaimer: As a blockchain information platform, the articles published on this site solely reflect the personal views of the authors and guests and do not represent the position of Web3Caff. The information within these articles is for reference only and does not constitute any investment advice or offer. Please comply with the relevant laws and regulations of your country or region.