Crypto hack counts fall but supply chain attacks reshape threat landscape

Cointelegraph | Published on 2025-12-23 | Last updated on 2025-12-23

Abstract

New data from CertiK reveals that while crypto hackers stole $3.3 billion in 2025, the number of attacks fell sharply. Losses were concentrated in fewer, more damaging supply-chain attacks, which accounted for $1.45 billion across just two incidents, including the $1.4 billion Bybit hack. This shift indicates attackers are moving away from simple code vulnerabilities toward more sophisticated infrastructure-level exploits. The number of security incidents decreased by 162 year-over-year, suggesting improved protocol-level security. The median loss per hack fell 35.75% to $103,966, though the average loss rose to $5.3 million due to high-value outliers. Phishing scams were the second-largest threat, costing $722 million across 248 incidents. A significant subset was "pig butchering" romance scams, which used prolonged emotional manipulation and cost the industry $5.5 billion in 2024.

Crypto hackers stole $3.3 billion in 2025, but the number of attacks fell sharply as losses became concentrated in fewer, more sophisticated supply-chain exploits, according to new data from blockchain security firm CertiK shared with Cointelegraph.

While total losses remained elevated, the decline in incident counts and a drop in median theft sizes suggest that protocol-level security is improving, pushing attackers away from simple code vulnerabilities and toward phishing and infrastructure-level attacks.

CertiK said supply-chain breaches emerged as the most damaging threat, accounting for $1.45 billion in losses across just two incidents, including the $1.4 billion Bybit hack in February.

"The Bybit exploit signals that well-capitalized, well-coordinated threat actors are becoming more active across the ecosystem," the report said, predicting a rise in the “sophistication” of supply chain attacks as attackers target more infrastructure providers.

Crypto hacks by amount and incident, yearly chart. Source: CertiK

The number of security incidents decreased by 162 year-over-year, indicating that blockchain cybersecurity measures are improving even as hackers aim for larger targets.

The average amount lost per hack stood at $5.3 million, a 66% increase from the previous year. However, the median loss — a measure less influenced by outlier incidents — fell to $103,966, down 35.75% over the same period.

Crypto hacks by incident type and amount of losses, one-year chart. Source: CertiK

Code vulnerabilities fade as “pig butchering” scams threaten crypto savings

Phishing scams became the second-largest threat, costing crypto investors a cumulative $722 million across 248 incidents.

Recently, an investor lost their entire Bitcoin (BTC) retirement fund in an artificial intelligence-fueled romance scam, also known as a "pig butchering" scam, in which the con artists used prolonged emotional manipulation to convince the investor to transfer their funds.

Pig butchering victim stats, grooming time. Source: Cyvers

Pig butchering scams are a subset of phishing scams that cost the industry a collective $5.5 billion in 2024, across 200,000 individual cases.

Notably, the average grooming period for victims is between one and two weeks in 35% of cases, while 10% of scams involve grooming periods of up to three months, according to blockchain security platform Cyvers.

In June, the US Department of Justice announced the seizure of over $225 million in crypto linked to pig butchering scams.

Related Questions

Q: According to CertiK's data, what was the total amount stolen by crypto hackers in 2025 and what was the most damaging type of attack?

A: Crypto hackers stole a total of $3.3 billion in 2025. The most damaging type of attack was supply-chain breaches, which accounted for $1.45 billion in losses.

Q: What does the report suggest about the trend in protocol-level security based on the decline in incident counts and median theft sizes?

A: The decline in incident counts and the drop in median theft sizes suggest that protocol-level security is improving. This is pushing attackers away from simple code vulnerabilities and toward more sophisticated methods like phishing and infrastructure-level attacks.

Q: What was the average amount lost per hack and how much did it change from the previous year?

A: The average amount lost per hack stood at $5.3 million, which was a 66% increase from the previous year.

Q: What are 'pig butchering' scams and how much did they cost the industry in 2024?

A: 'Pig butchering' scams are a subset of phishing scams that involve prolonged emotional manipulation to convince victims to transfer their funds. They cost the industry a collective $5.5 billion in 2024 across 200,000 individual cases.

Q: What significant action did the US Department of Justice take regarding pig butchering scams in June?

A: In June, the US Department of Justice announced the seizure of over $225 million in cryptocurrency that was linked to pig butchering scams.
