CertiK发布Hack3d报告：2025上半年损失金额已超去年全年，钓鱼攻击成主因

Core Insights - The report by CertiK indicates that losses due to security incidents in the Web3 sector reached nearly $2.5 billion in the first half of 2025, surpassing the total losses of the previous year [1] - The second quarter alone accounted for approximately $800 million in losses, with confirmed unrecoverable net losses totaling $2.29 billion for 2025, exceeding last year's net losses of $1.98 billion [1] - A significant portion of this year's losses, about $1.78 billion, was concentrated in two incidents involving Bybit and Cetus Protocol, suggesting that the overall risk landscape requires a nuanced perspective [1] Group 1 - Phishing attacks have emerged as the most damaging attack method, resulting in losses close to $400 million, surpassing levels from the same period last year [1] - Incidents of private key leaks have decreased, while code vulnerability attacks remain at historical average levels, although specific cases like Cetus Protocol still occur [1] Group 2 - The report details the most attacked blockchains, the top three security incidents of the quarter, and trends in Web3 development, providing security enhancement recommendations for users and project teams [2] - CertiK emphasizes the need for improved preemptive protective mechanisms, enhanced transparency, and strengthened real-time monitoring capabilities as more users, institutions, and government entities engage with Web3 [2] - The Hack3d security report is published quarterly to review security incidents and industry trends, offering insights into the current state, challenges, and opportunities in Web3 security [2]