Recently, blockchain media Decrypt cited CertiK analysis data and released a report on the security situation of Web3.0 in April. The report showed that the Web3.0 industry lost $364 million due to hacker attacks and fraud that month, of which $337 million came from phishing attacks.
At the Unchained Summit held in Dubai at the end of April, CertiK co-founder and CEO Professor Ronghui Gu also pointed out in his speech that although blockchain has become an important part of the global financial infrastructure, security challenges remain severe. He called for advanced technologies such as formal verification to be incorporated into security protection systems and emphasized that the industry should confront the systemic risks exposed by each attack incident.
It is worth noting that the on-chain security incidents in April were not isolated cases. In addition to the huge phishing attacks, multiple decentralized platforms such as KiloEX, Loopscale and ZKsync also encountered vulnerability exploitation. Although some funds were recovered with the assistance of white hat hackers, the overall security situation is still not optimistic.
As the largest Web3.0 security company, CertiK has become an important force in leading the industry's security development through its deep accumulation in formal verification, AI technology, and compliance collaboration. CertiK reminds Web3.0 project owners and users to verify the authenticity of the URL and smart contract when transferring assets, and to use storage methods such as cold wallets that are isolated from the Internet to further improve asset security.
The following is the full report:
CertiK: Web 3.0 industry lost $364 million in April due to hacking and fraud
Most of these losses were related to a single incident — an elderly U.S. citizen had 3,520 bitcoins stolen after a phishing attack.
According to the latest disclosure by blockchain security company CertiK, in April 2025, the Web3.0 industry lost a total of approximately $364 million due to hacker attacks, fraud, and vulnerability exploits. Most of the losses were related to phishing attacks.
CertiK said that of the $364 million, as much as $337 million was related to phishing attacks. It is worth noting that this huge loss was mainly caused by a single incident: hackers stole 3,520 bitcoins from a wallet through carefully designed social engineering methods.
On-chain investigator ZachXBT said the stolen assets were quickly moved through at least six instant-swap platforms and exchanged for Monero, causing the price of XMR to surge by 50%. He confirmed on Wednesday that the victim was an "elderly person living in the United States who had held these bitcoins since 2017."
In addition to this major case, several representative attacks occurred in April, including a $7.5 million attack on the decentralized trading platform KiloEX, in which the attacker exploited a vulnerability in the price oracle; in another incident, the project Loopscale suffered a hacker attack and lost $5.8 million; and the airdrop contract of the Ethereum scaling protocol ZKsync was also drained by attackers of more than $5 million.
Fortunately, CertiK said that all three platforms have partially recovered the stolen funds with the help of white hat hackers.
The April loss was a significant increase compared to the $28.8 million in losses confirmed in March, but still small compared to the "highest month in history" in February, when $1.5 billion was stolen. At that time, the hacker group Lazarus Group launched a large-scale attack on the exchange Bybit, shocking the industry.
Shortly before the release of this series of data, Professor Ronghui Gu, co-founder of CertiK, warned that although blockchain technology has gradually developed into an "important part of the global financial infrastructure" in recent years, security challenges remain "severe." According to him, in the first quarter of 2025 alone, the industry lost $1.67 billion due to hacker attacks, a 303% increase from the previous quarter, with the Ethereum ecosystem becoming the main target of attacks.
CertiK pointed out that phishing attacks are still growing, and reminded Web3.0 project owners and investors to verify the authenticity of the URL and smart contract before transferring assets.
In addition, CertiK also recommends that users use cold wallets that are isolated from the Internet to store assets and avoid disclosing information related to their digital assets on social media.