According to ChainCatcher, based on incomplete statistics from SlowMist Blockchain, a total of 200 security incidents occurred throughout the year, resulting in losses of approximately $2.935 billion. Compared to 2024 (410 incidents, with losses of approximately $2.013 billion), although the number of incidents decreased significantly, the amount of losses increased by approximately 46% year-on-year.
In terms of ecosystem distribution, Ethereum remains the most frequently attacked and most severely affected ecosystem, with losses of approximately $254 million throughout the year, significantly leading the pack. BSC follows closely behind, with related losses of approximately $21.93 million, while Solana ranks third, with losses of approximately $17.45 million throughout the year. By project sector, DeFi projects are the most frequently attacked area: 126 security incidents occurred in 2025, accounting for approximately 63% of the total for the year, resulting in losses of approximately $649 million, a decrease of approximately 37% compared to 2024 ($339 incidents, $1.029 billion in losses). Trading platform incidents numbered only 12, yet caused a staggering $1.809 billion in losses, with Bybit alone incurring a loss of approximately $1.46 billion, making it the most severe incident of the year.
In terms of the causes of the attacks, contract vulnerabilities were the primary trigger, accounting for 61 cases; hacking of X accounts followed closely behind, with 48 cases. The report points out that as generative AI has rapidly gained popularity over the past two years, attackers have begun to incorporate it into fraud and attack chains. Compared to traditional tools, AI's capabilities in text, speech synthesis, image, and video generation have significantly reduced the cost of fraud. Attacks no longer rely on crude rhetoric or obviously abnormal behavior, but rather on highly realistic content, coherent interactions, and precise target selection, making it more difficult for victims to psychologically perceive the risks.
