Today, Hacken releases the Yearly Security Report 2025, our most comprehensive analysis to date, of the security trends shaping digital assets and their implications for the industry’s future. In 2025 alone, more than $4 billion was lost to Web3 incidents as security, governance, and operational maturity failed to keep pace with growing threats. This report breaks down what went wrong, why it happened, and what must change next.
What’s Inside the Web3 Security Report 2025
For the past two years, Hacken’s Web3 security research has been widely cited across the industry. In 2025, this report goes further than ever before. It is informed both by on-chain analysis and incident response data, and also by direct alignment with traditional finance institutions actively shaping the next generation of digital asset infrastructure.
Key Findings:
- $4B stolen in 2025, a major increase year over year
- 52% of all losses linked to North Korea
- $2.1B+ lost through operational security failures
- $512M exploited in DeFi protocols
The report also includes a dedicated section on AI and emerging AI-native security failures, as well as a high-level overview of global and U.S. crypto regulation, including what regulators now expect from crypto companies.
Institutional Insights from the Hacken Trust Summit
For the first time, this report incorporates institutional perspectives gathered at the Hacken Trust Summit, held in November at the Nasdaq MarketSite in New York.
The invite-only summit brought together 100 institutional leaders representing trillions in assets, including: Nasdaq, JPMorgan Chase, Citi, Société Générale, Moody’s, S&P Global, DTCC, Coinbase, Kraken, global regulators, and digital innovators. The consensus was clear:
Decentralized systems are entering an era where cybersecurity becomes an indispensible part of the critical infrastructure, and must be verified, and continuously maintained.
Download the Full Report
This report is for Web3 founders and security teams, exchanges and custodians, infrastructure providers, institutional investors, compliance leaders, and regulators shaping digital asset frameworks. It goes beyond documenting what broke to explain why it broke, what could have prevented it, and what must change in 2026.
👉 Download the full report here
