Crypto hack counts fall but supply chain attacks reshape threat landscape

cointelegraphPublicado a 2025-12-23Actualizado a 2025-12-23

Resumen

New data from CertiK reveals that while crypto hackers stole $3.3 billion in 2025, the number of attacks fell sharply. Losses were concentrated in fewer, more damaging supply-chain attacks, which accounted for $1.45 billion across just two incidents, including the $1.4 billion Bybit hack. This shift indicates attackers are moving away from simple code vulnerabilities toward more sophisticated infrastructure-level exploits. The number of security incidents decreased by 162 year-over-year, suggesting improved protocol-level security. The median loss per hack fell 35.75% to $103,966, though the average loss rose to $5.3 million due to high-value outliers. Phishing scams were the second-largest threat, costing $722 million across 248 incidents. A significant subset was "pig butchering" romance scams, which used prolonged emotional manipulation and cost the industry $5.5 billion in 2024.

Crypto hackers stole $3.3 billion in 2025, but the number of attacks fell sharply as losses became concentrated in fewer, more sophisticated supply-chain exploits, according to new data from blockchain security firm CertiK shared with Cointelegraph.

While total losses remained elevated, the decline in incident counts and a drop in median theft sizes suggest that protocol-level security is improving, pushing attackers away from simple code vulnerabilities and toward phishing and infrastructure-level attacks.

CertiK said supply-chain breaches emerged as the most damaging threat, accounting for $1.45 billion in losses across just two incidents, including the $1.4 billion Bybit hack in February.

"The Bybit exploit signals that well-capitalized, well-coordinated threat actors are becoming more active across the ecosystem," the report said, predicting a rise in the “sophistication” of supply chain attacks as attackers target more infrastructure providers.

Crypto hacks by amount and incident, yearly chart. Source: CertiK

Related: Soulja Boy token sparks backlash after Base co-founder posts purchase receipt

The number of security incidents decreased by 162 counts year-over-year, indicating that blockchain cybersecurity measures are improving despite hackers aiming for larger targets.

The average amount lost per hack stood at $5.3 million, a 66% increase from the previous year. However, the median loss — a measure less influenced by outlier incidents — fell to $103,966, down 35.75% over the same period.

Cryptop hacks by incident type and amount of losses, one-year chart. Source: CertiK

Related: Solana AI token Ava hit by launch sniping tied to deployer: Bubblemaps

Code vulnerabilities fade as “pig butchering” scams threaten crypto savings

Phishing scams became the second-largest threat, costing crypto investors a cumulative $722 million across 248 incidents.

Recently, an investor lost their entire Bitcoin (BTC) retirement fund in an artificial intelligence-fueled romance scam, also known as a "pig butchering" scam, where the con artists used prolonged emotional manipulation to convince the investors to transfer their funds.

Pig butchering victim stats, grooming time. Source: Cyvers

Pig butchering scams are a subset of phishing scams that cost the industry a collective $5.5 billion in 2024, across 200,000 individual cases.

Notably, the average grooming period for victims is between one and two weeks in 35% of cases, while 10% of scams involve grooming periods of up to three months, according to blockchain security platform Cyvers.

In June, the US Department of Justice announced the seizure of over $225 million in crypto linked to pig butchering scams.

Magazine: Coinbase hack shows the law probably won’t protect you — Here’s why

Preguntas relacionadas

QAccording to CertiK's data, what was the total amount stolen by crypto hackers in 2025 and what was the most damaging type of attack?

ACrypto hackers stole a total of $3.3 billion in 2025. The most damaging type of attack was supply-chain breaches, which accounted for $1.45 billion in losses.

QWhat does the report suggest about the trend in protocol-level security based on the decline in incident counts and median theft sizes?

AThe decline in incident counts and the drop in median theft sizes suggest that protocol-level security is improving. This is pushing attackers away from simple code vulnerabilities and toward more sophisticated methods like phishing and infrastructure-level attacks.

QWhat was the average amount lost per hack and how much did it change from the previous year?

AThe average amount lost per hack stood at $5.3 million, which was a 66% increase from the previous year.

QWhat are 'pig butchering' scams and how much did they cost the industry in 2024?

A'Pig butchering' scams are a subset of phishing scams that involve prolonged emotional manipulation to convince victims to transfer their funds. They cost the industry a collective $5.5 billion in 2024 across 200,000 individual cases.

QWhat significant action did the US Department of Justice take regarding pig butchering scams in June?

AIn June, the US Department of Justice announced the seizure of over $225 million in cryptocurrency that was linked to pig butchering scams.

Lecturas Relacionadas

Strategy’s STRC Drop Shows The Risk Behind Bitcoin-Linked Credit Products

Strategy Inc.'s (formerly MicroStrategy) preferred stock, STRC, traded sharply below its $100 reference value during recent market stress, hitting an intraday low of $82.53. The company's CEO framed the drop as a "leverage flush"—forced selling by investors using borrowed money—rather than a fundamental default event. This distinction highlights that the selloff resulted from market mechanics and liquidity pressures, not missed payments by the issuer. The episode underscores the specific risks embedded in Bitcoin-linked credit products, which can behave differently from holding Bitcoin or common stock. As Bitcoin treasury strategies become more complex and financialized, instruments like preferred shares introduce additional layers of risk, including leverage, liquidity constraints, and sensitivity to Bitcoin's volatility. The STRC movement serves as a warning about the fragility of these structures in stressed markets, even when the underlying company remains solvent.

bitcoinistHace 5 hora(s)

Strategy’s STRC Drop Shows The Risk Behind Bitcoin-Linked Credit Products

bitcoinistHace 5 hora(s)

Australia’s High Court Hands ASIC Major Win In Block Earner Crypto Yield Case

Australia's High Court unanimously ruled in favor of the securities regulator ASIC in a case against crypto platform Block Earner. The court determined that Block Earner's historical 'Earner' fixed-yield product was a financial product and a derivative, requiring an Australian Financial Services Licence. This landmark decision establishes that crypto yield products promising structured returns can fall under existing financial services law, regardless of their digital asset nature. While the specific product is no longer offered, the ruling sets a significant precedent for how similar crypto investment and derivative-like offerings will be regulated in Australia. The case now returns to a lower court to determine penalties against Block Earner.

bitcoinistHace 8 hora(s)

Australia’s High Court Hands ASIC Major Win In Block Earner Crypto Yield Case

bitcoinistHace 8 hora(s)

Blockchain.com Expands Tokenized Stock Access Through Ondo Finance

Blockchain.com has expanded its partnership with Ondo Finance to integrate tokenized U.S. stocks and ETFs into its wallet ecosystem. This move allows eligible, primarily non-U.S., users to access traditional financial assets through a familiar crypto-native interface, blending real-world asset exposure with existing crypto holdings like stablecoins and DeFi tools. Ondo Finance, a key player in tokenizing assets like Treasuries and equities, gains a significant distribution channel through Blockchain.com's large user base. The partnership highlights the industry trend of making tokenized assets as accessible as ordinary crypto tokens, targeting global audiences who may face barriers using traditional brokerage services. While the tokenized real-world asset (RWA) market grows increasingly competitive, questions remain around custody, regulation, and market structure. Blockchain.com and Ondo are betting that seamless wallet integration can address these challenges and drive broader adoption.

bitcoinistHace 10 hora(s)

Blockchain.com Expands Tokenized Stock Access Through Ondo Finance

bitcoinistHace 10 hora(s)

CPU Makes a Comeback to the Table, A $170 Billion "Power Seizure" Drama Begins

A new era is dawning for the server CPU (Central Processing Unit), driven by the shift from AI model training to large-scale reasoning and the rise of Agentic AI. This article explores how the CPU is reclaiming a central role in the AI data center. For years, the focus has been on the GPU (Graphics Processing Unit) for AI training. However, as AI moves to the inference and Agent phase—where tasks involve complex, multi-step reasoning, tool calls, and data management—the workload balance is flipping. Studies show CPUs now handle over 70% of the workload in Agentic AI, up from 10-30% in training. This is because Agent tasks generate massive intermediate data (KV Cache) that exceeds GPU memory, forcing it to be offloaded to the CPU's larger, more scalable memory pools. This increased importance is translating into market changes. Major players are taking note: NVIDIA launched its first standalone CPU line, Vera, based on ARM architecture and optimized for Agent performance. AMD doubled its server CPU market forecast to over $1200 billion by 2030. Analyst reports project the total server CPU market could reach $1700 billion by 2030, with AI-driven demand being a primary driver. Furthermore, the classic ratio of CPUs to GPUs in AI servers is rapidly changing, converging from 1:8 toward 1:1 for Agent deployments. This surge in demand has led to a rare industry-wide price increase of 10-15% for server CPUs from Intel and AMD, breaking a decade-long trend of "more performance for the same price." Demand is bifurcating into high-core-count CPUs for in-rack GPU support and moderate-core CPUs for standalone Agent task orchestration. In China, this global trend presents an opportunity for domestic CPU manufacturers like Hygon (海光信息) and Huawei Kunpeng, who are bolstered by both growing AI infrastructure needs and national policies promoting technological self-reliance ("xin chuang"). The maturity of their software ecosystems is also accelerating, evidenced by faster adaptation to new AI models. In conclusion, the narrative is shifting from a GPU-centric view to one where CPU-GPU synergy is critical. The CPU is no longer a peripheral component but a performance-defining bottleneck and a key growth driver in the AI hardware stack, opening a massive new market estimated in the hundreds of billions of dollars.

marsbitHace 10 hora(s)

CPU Makes a Comeback to the Table, A $170 Billion "Power Seizure" Drama Begins

marsbitHace 10 hora(s)

TechFlow Intelligence: AMD AI Director Publicly Criticizes Claude Code for "Becoming Dumber and Lazier", Trump Claims Full Ceasefire in Hormuz But Strait Still Has 80 Unexploded Mines

TechFlow Intelligence Report: This daily digest covers key developments in AI, crypto, hardware, and geopolitics. In AI, SK Telecom faces US export control scrutiny over its partnership with Anthropic, while a Gemini user reports being misled in a scam scenario, sparking safety debates. China's Z.AI launches the GLM-5.2 model, rivaling Claude Opus without NVIDIA chips. In crypto, Bithumb lists ReProtocol, and Upbit delists KernelDAO. On the hardware front, MIT researchers build a custom OS to study chips, ASML denies US claims its advanced lithography machines are in China, and Amazon considers selling its in-house AI chips. Apple's future A21 Pro chip may use TSMC's latest N2P process. Major tech issues include 10,000 GitHub repositories distributing malware and Apple patching a critical eavesdropping flaw in Beats earbuds. US stocks rise, led by semiconductors, with Intel surging 10.6%, while SpaceX falls 3.5%. Geopolitically, despite a US-Iran deal, the Strait of Hormuz remains risky with ~80 uncleared mines, stalling 80M barrels of oil on standby tankers. Iran postpones Switzerland talks, and Trump calls the agreement an "unconditional surrender." The report highlights a contrast: temporary geopolitical calm versus the ongoing, fundamental restructuring of tech supply chains and chip independence.

marsbitHace 10 hora(s)

TechFlow Intelligence: AMD AI Director Publicly Criticizes Claude Code for "Becoming Dumber and Lazier", Trump Claims Full Ceasefire in Hormuz But Strait Still Has 80 Unexploded Mines

marsbitHace 10 hora(s)

Trading

Spot
Futuros
活动图片