Ethereum led all ecosystems in safety losses within the first half of 2025, with DeFi platforms dropping round $470 million, in keeping with the blockchain safety agency.
The Ethereum ecosystem has been essentially the most affected by safety incidents within the first half of 2025, in keeping with a mid-year report by blockchain safety agency SlowMist.
Out of 121 complete recorded incidents, Ethereum-related tasks suffered round $38.6 million in losses. DeFi platforms have been essentially the most frequent targets, accounting for 92 incidents and roughly $470 million in losses, or about 76% of all assaults throughout the interval.
There have been fewer reported incidents within the first half of 2025 than in the identical interval final 12 months, however the sum of money misplaced elevated, primarily as a result of $1.5 billion Bybit hack. Within the first half of 2024, there have been 223 incidents leading to roughly $1.43 billion in losses.
In 2025, there have been 121 incidents, however estimated losses reached about $2.37 billion. SlowMist mentioned the true quantity is perhaps increased, since some instances go unreported and token costs fluctuate over time.
Assault Vectors
A lot of the assaults leveraged account compromises and sensible contract bugs. Account takeovers have been the commonest, with 42 instances, adopted by 35 incidents brought on by contract vulnerabilities.
The report additionally revealed rising dangers tied to Ethereum’s EIP-7702 pockets delegation characteristic, which was launched as a part of the Pectra improve earlier this 12 months. The characteristic permits customers to authorize sensible contracts to behave on their behalf with out having to swap out their pockets handle.
In a single instance, a phishing group known as Inferno Drainer reportedly stole over $146,000 by abusing the brand new mechanism.
“Even when the contract itself has no backdoors, in case you are tricked by a phishing web site into granting authorization, attackers can exploit the contract’s full operational capabilities to empty your property in bulk,” SlowMist mentioned.
The exploit used commonplace pockets instruments to trick the person into approving token entry in bulk, a kind of threat that, in keeping with SlowMist, might not all the time be detected by anti-phishing instruments.
Different dangers related to EIP-7702 embody potential non-public key leaks, replay assaults throughout a number of chains, and points that might come up throughout pockets upgrades, the blockchain intelligence agency famous.
Analysts at SlowMist famous that EIP-7702 brings “new threat boundaries,” including that customers should “totally perceive who they’re authorizing and what permissions they grant earlier than signing any delegation.”
