October proved to be another difficult month for Web3 security, with new data from GoPlus Security showing that the crypto ecosystem suffered more than $45.84 million in losses from hacks, scams, and other malicious activity.
According to the on-chain security firm’s latest monthly report, the incidents spanned a wide range of attack types—including protocol exploits, social engineering schemes, phishing attacks, honeypot tokens, rug pulls, and Ponzi operations. In total, 16 major incidents were recorded, each resulting in losses ranging from a few thousand dollars to tens of millions.
Major Incidents: SBI Crypto Hack Leads October Losses
The SBI Crypto hack, which unfolded at the start of the month, was the most significant single event, causing roughly $21 million in losses across multiple assets such as Bitcoin, Ethereum, Litecoin, Dogecoin, and Bitcoin Cash.
An investigation by blockchain analyst ZachXBT and security firm Cyvers suggested possible links to North Korean–affiliated hacking groups. The laundering pattern—funneling funds through Tornado Cash—mirrored tactics historically associated with groups like Lazarus. However, SBI Crypto has not confirmed any attribution.
Other Significant Exploits
Additional major exploits highlighted in the report include:
- •Garden Finance: Approximately $10.8 million lost.
- •Astra Nova: A hack of its official social account triggered a large forced sell-off of its RVV token, leading to losses of about $10.3 million.
These incidents underscored continued vulnerabilities across Web3 platforms, particularly those with access control or operational security gaps.
Phishing Attacks Surge, Affecting Thousands
GoPlus also reported a rise in phishing campaigns throughout October, with estimated losses reaching $3.5 million and impacting more than 11,000 users.
One of the largest incidents involved the trading platform GMGN, where attackers created a convincing third-party phishing site that tricked users into signing malicious transactions. More than 100 users were affected, with total losses exceeding $700,000.
Other notable cases include:
- •A trader who lost $325,000 in Coinbase Wrapped BTC after approving a fraudulent “increaseAllowance” request.
- •Another user who lost $440,000 in multiple assets after unknowingly authorizing a malicious “permit” signature.
GoPlus noted that attackers are increasingly using Phishing-as-a-Service (PhaaS) tools and AI-powered site generators, lowering the barrier to launching large-scale phishing operations.
Honeypot Tokens Spike Dramatically
The report also highlighted an alarming jump in honeypot tokens, which surged 600% month-over-month to 2,189 tokens across several blockchains—including Ethereum, Base, and BNB Smart Chain.
Honeypot tokens are designed to lure buyers in, while embedded smart contract restrictions prevent them from selling or withdrawing funds.
Breakdown by chain:
- •BNB Smart Chain: 1,780 honeypot tokens
- •Ethereum: 216 tokens
- •Base: 131 tokens
Although the increase is significant, it is still well below the extreme spike recorded in June 2025, when the market saw more than 40,000 honeypot tokens deployed in a single month.