Crypto hack counts fall but supply chain attacks reshape threat landscape

Cointelegraph | Published on 2025-12-23 | Last updated on 2025-12-23

Abstract

New data from CertiK reveals that while crypto hackers stole $3.3 billion in 2025, the number of attacks fell sharply. Losses were concentrated in fewer, more damaging supply-chain attacks, which accounted for $1.45 billion across just two incidents, including the $1.4 billion Bybit hack. This shift indicates attackers are moving away from simple code vulnerabilities toward more sophisticated infrastructure-level exploits. The number of security incidents decreased by 162 year-over-year, suggesting improved protocol-level security. The median loss per hack fell 35.75% to $103,966, though the average loss rose to $5.3 million due to high-value outliers. Phishing scams were the second-largest threat, costing $722 million across 248 incidents. A significant subset was "pig butchering" romance scams, which used prolonged emotional manipulation and cost the industry $5.5 billion in 2024.

Crypto hackers stole $3.3 billion in 2025, but the number of attacks fell sharply as losses became concentrated in fewer, more sophisticated supply-chain exploits, according to new data from blockchain security firm CertiK shared with Cointelegraph.

While total losses remained elevated, the decline in incident counts and a drop in median theft sizes suggest that protocol-level security is improving, pushing attackers away from simple code vulnerabilities and toward phishing and infrastructure-level attacks.

CertiK said supply-chain breaches emerged as the most damaging threat, accounting for $1.45 billion in losses across just two incidents, including the $1.4 billion Bybit hack in February.

"The Bybit exploit signals that well-capitalized, well-coordinated threat actors are becoming more active across the ecosystem," the report said, predicting a rise in the “sophistication” of supply chain attacks as attackers target more infrastructure providers.

Crypto hacks by amount and incident, yearly chart. Source: CertiK

The number of security incidents decreased by 162 year-over-year, indicating that blockchain cybersecurity measures are improving despite hackers aiming for larger targets.

The average amount lost per hack stood at $5.3 million, a 66% increase from the previous year. However, the median loss — a measure less influenced by outlier incidents — fell to $103,966, down 35.75% over the same period.

Crypto hacks by incident type and amount of losses, one-year chart. Source: CertiK

Code vulnerabilities fade as “pig butchering” scams threaten crypto savings

Phishing scams became the second-largest threat, costing crypto investors a cumulative $722 million across 248 incidents.

Recently, an investor lost their entire Bitcoin (BTC) retirement fund in an artificial intelligence-fueled romance scam, also known as a "pig butchering" scam, in which the con artists used prolonged emotional manipulation to convince the investor to transfer their funds.

Pig butchering victim stats, grooming time. Source: Cyvers

Pig butchering scams are a subset of phishing scams that cost the industry a collective $5.5 billion in 2024, across 200,000 individual cases.

Notably, the average grooming period for victims is between one and two weeks in 35% of cases, while 10% of scams involve grooming periods of up to three months, according to blockchain security platform Cyvers.

In June, the US Department of Justice announced the seizure of over $225 million in crypto linked to pig butchering scams.

Related Questions

Q: According to CertiK's data, what was the total amount stolen by crypto hackers in 2025 and what was the most damaging type of attack?

A: Crypto hackers stole a total of $3.3 billion in 2025. The most damaging type of attack was supply-chain breaches, which accounted for $1.45 billion in losses.

Q: What does the report suggest about the trend in protocol-level security based on the decline in incident counts and median theft sizes?

A: The decline in incident counts and the drop in median theft sizes suggest that protocol-level security is improving. This is pushing attackers away from simple code vulnerabilities and toward more sophisticated methods like phishing and infrastructure-level attacks.

Q: What was the average amount lost per hack and how much did it change from the previous year?

A: The average amount lost per hack stood at $5.3 million, which was a 66% increase from the previous year.

Q: What are 'pig butchering' scams and how much did they cost the industry in 2024?

A: 'Pig butchering' scams are a subset of phishing scams that involve prolonged emotional manipulation to convince victims to transfer their funds. They cost the industry a collective $5.5 billion in 2024 across 200,000 individual cases.

Q: What significant action did the US Department of Justice take regarding pig butchering scams in June?

A: In June, the US Department of Justice announced the seizure of over $225 million in cryptocurrency that was linked to pig butchering scams.
