Crypto hack counts fall but supply chain attacks reshape threat landscape

cointelegraphPublicado a 2025-12-23Actualizado a 2025-12-23

Resumen

New data from CertiK reveals that while crypto hackers stole $3.3 billion in 2025, the number of attacks fell sharply. Losses were concentrated in fewer, more damaging supply-chain attacks, which accounted for $1.45 billion across just two incidents, including the $1.4 billion Bybit hack. This shift indicates attackers are moving away from simple code vulnerabilities toward more sophisticated infrastructure-level exploits. The number of security incidents decreased by 162 year-over-year, suggesting improved protocol-level security. The median loss per hack fell 35.75% to $103,966, though the average loss rose to $5.3 million due to high-value outliers. Phishing scams were the second-largest threat, costing $722 million across 248 incidents. A significant subset was "pig butchering" romance scams, which used prolonged emotional manipulation and cost the industry $5.5 billion in 2024.

Crypto hackers stole $3.3 billion in 2025, but the number of attacks fell sharply as losses became concentrated in fewer, more sophisticated supply-chain exploits, according to new data from blockchain security firm CertiK shared with Cointelegraph.

While total losses remained elevated, the decline in incident counts and a drop in median theft sizes suggest that protocol-level security is improving, pushing attackers away from simple code vulnerabilities and toward phishing and infrastructure-level attacks.

CertiK said supply-chain breaches emerged as the most damaging threat, accounting for $1.45 billion in losses across just two incidents, including the $1.4 billion Bybit hack in February.

"The Bybit exploit signals that well-capitalized, well-coordinated threat actors are becoming more active across the ecosystem," the report said, predicting a rise in the “sophistication” of supply chain attacks as attackers target more infrastructure providers.

Crypto hacks by amount and incident, yearly chart. Source: CertiK

Related: Soulja Boy token sparks backlash after Base co-founder posts purchase receipt

The number of security incidents decreased by 162 counts year-over-year, indicating that blockchain cybersecurity measures are improving despite hackers aiming for larger targets.

The average amount lost per hack stood at $5.3 million, a 66% increase from the previous year. However, the median loss — a measure less influenced by outlier incidents — fell to $103,966, down 35.75% over the same period.

Cryptop hacks by incident type and amount of losses, one-year chart. Source: CertiK

Related: Solana AI token Ava hit by launch sniping tied to deployer: Bubblemaps

Code vulnerabilities fade as “pig butchering” scams threaten crypto savings

Phishing scams became the second-largest threat, costing crypto investors a cumulative $722 million across 248 incidents.

Recently, an investor lost their entire Bitcoin (BTC) retirement fund in an artificial intelligence-fueled romance scam, also known as a "pig butchering" scam, where the con artists used prolonged emotional manipulation to convince the investors to transfer their funds.

Pig butchering victim stats, grooming time. Source: Cyvers

Pig butchering scams are a subset of phishing scams that cost the industry a collective $5.5 billion in 2024, across 200,000 individual cases.

Notably, the average grooming period for victims is between one and two weeks in 35% of cases, while 10% of scams involve grooming periods of up to three months, according to blockchain security platform Cyvers.

In June, the US Department of Justice announced the seizure of over $225 million in crypto linked to pig butchering scams.

Magazine: Coinbase hack shows the law probably won’t protect you — Here’s why

Preguntas relacionadas

QAccording to CertiK's data, what was the total amount stolen by crypto hackers in 2025 and what was the most damaging type of attack?

ACrypto hackers stole a total of $3.3 billion in 2025. The most damaging type of attack was supply-chain breaches, which accounted for $1.45 billion in losses.

QWhat does the report suggest about the trend in protocol-level security based on the decline in incident counts and median theft sizes?

AThe decline in incident counts and the drop in median theft sizes suggest that protocol-level security is improving. This is pushing attackers away from simple code vulnerabilities and toward more sophisticated methods like phishing and infrastructure-level attacks.

QWhat was the average amount lost per hack and how much did it change from the previous year?

AThe average amount lost per hack stood at $5.3 million, which was a 66% increase from the previous year.

QWhat are 'pig butchering' scams and how much did they cost the industry in 2024?

A'Pig butchering' scams are a subset of phishing scams that involve prolonged emotional manipulation to convince victims to transfer their funds. They cost the industry a collective $5.5 billion in 2024 across 200,000 individual cases.

QWhat significant action did the US Department of Justice take regarding pig butchering scams in June?

AIn June, the US Department of Justice announced the seizure of over $225 million in cryptocurrency that was linked to pig butchering scams.

Lecturas Relacionadas

NVIDIA's $20 Billion Bond Issuance Adds Fuel to the Story of Bitcoin Miners Transitioning to AI

Nvidia is reportedly joining the AI bond issuance wave, planning to raise at least $20 billion through a multi-tranche bond offering. This financing move underscores sustained high market demand for AI infrastructure and data centers. It also highlights a growing trend among Bitcoin miners, who are pivoting to repurpose their high-power facilities and existing energy agreements into high-performance computing and AI hosting sites. Companies like HIVE Digital, TeraWulf, Hut 8, and CleanSpark are shifting their business models from solely relying on Bitcoin mining revenue to becoming providers of data center computing power. The primary driver for this transition is the increasingly challenging economics of Bitcoin mining, especially following the April 2024 halving event. The combination of the halving, persistently high mining difficulty, and operational costs has severely squeezed profit margins, leading miners to sell BTC reserves and seek alternative revenue streams. Analysts note that major mining firms are expected to increasingly transform into AI infrastructure suppliers, capitalizing on the ongoing AI construction boom to secure new growth opportunities.

marsbitHace 18 min(s)

NVIDIA's $20 Billion Bond Issuance Adds Fuel to the Story of Bitcoin Miners Transitioning to AI

marsbitHace 18 min(s)

The Shutdown of Claude Mythos Revealed the True Cost of Renting AI to Me

The sudden shutdown of Claude Mythos this week starkly highlights a critical, often overlooked risk for founders: when your core capability relies entirely on someone else's platform, your fate is not in your own hands. The key question becomes: who truly owns the intelligence your product depends on? For years, the debate around open-source models focused on cost. Now, the evidence is clear: fine-tuned open-source models can achieve frontier-level quality for specific, mission-critical tasks at a fraction of the cost. However, the deeper issue is control. Relying on a third-party API is like renting; it works until the landlord changes the rules, raises the rent, or asks you to leave—as Mythos experienced. The lesson is not to stop using frontier models—they are incredible infrastructure. The goal is ownership. Ownership means starting with a powerful open-source model and shaping it around what makes your company unique: your data, workflows, domain expertise, and definition of "good." Over time, the model becomes less generic and more reflective of your business, creating durable value. The optimistic conclusion is that AI's future doesn't hinge on one superior model. There is no single frontier. The frontier includes proprietary models, models fine-tuned on company-specific knowledge, specialized models for narrow problems, and intelligent routers orchestrating model ensembles. The most interesting development is not models getting smarter, but intelligence becoming increasingly customizable. The winning companies will be those that transform intelligence into a unique, owned asset. Looking ahead, the vision is not one model dominating all, but many teams owning the part of the frontier that matters most to them.

marsbitHace 35 min(s)

The Shutdown of Claude Mythos Revealed the True Cost of Renting AI to Me

marsbitHace 35 min(s)

Tiger Research: U.S. Strategic Bitcoin Reserve - Should the Market Be Happy or Disappointed?

Tiger Research analyzes the evolution of U.S. legislative efforts regarding a strategic Bitcoin reserve, concluding the market impact is limited in the short term but potentially positive long-term. The core event was a March 2025 executive order by former President Trump, which designated confiscated Bitcoin as a strategic reserve and promised not to sell existing holdings (approx. 190k BTC). As it contained no mandate to purchase new Bitcoin, the market reacted negatively, with prices dropping 5.7%. Legislative history shows a significant retreat from initial ambitions. The 2024 "BITCOIN Act" proposed mandatory purchases of 1 million BTC over five years. Reintroduced in 2025, it stalled due to high fiscal costs, concerns over dollar hegemony, and opposition from the Treasury Secretary. The current frontrunner, the 2026 "American Retirement and Monetary Advancement (ARMA) Act," is a compromise. It lacks any purchase requirement, instead focusing on consolidating existing government-held Bitcoin and legally prohibiting its sale for at least 20 years. While ARMA has higher passage odds due to bipartisan support and no purchase mandate, its immediate market effect is neutral. It eliminates potential government selling pressure but creates no new demand. The long-term significance is that formally establishing Bitcoin as a national reserve asset in law could later reignite debates on mandatory purchases. Therefore, the path to a government buyer is longer than initially priced by the market, but the directional narrative remains intact.

marsbitHace 38 min(s)

Tiger Research: U.S. Strategic Bitcoin Reserve - Should the Market Be Happy or Disappointed?

marsbitHace 38 min(s)

The Calculation Behind Plasma's U Card with Free Claude Membership

Plasma has launched a three-tiered "U Card" (Visa stablecoin debit card) system, introducing a new demand mechanism for its XPL token through membership lock-ups. The cards offer increasing benefits: * **Lite:** Free, 2% cashback, no lock-up. * **Core:** Costs $120/year or requires locking 10,000 XPL for 12 months. Offers 3% cashback, 5% AI spending cashback (on up to $500/month), and a ChatGPT Go subscription. * **Platinum:** Requires locking 100,000 XPL for 12 months. Offers 4% cashback, 10% AI cashback, Claude Pro & ChatGPT Plus subscriptions, and extensive travel/insurance benefits. The analysis suggests Lite is for trialing, Core's value depends on substantial AI spending, and Platinum is mainly for existing large XPL holders due to the significant lock-up value and price volatility risk. The primary impact is creating a non-speculative use case for XPL. Locking XPL for card tiers can reduce circulating supply, helping counter future token unlocks and inflation. However, the system's success depends on real user adoption for daily spending, not just acquiring cards for rewards. The program expands Plasma's reach from a pure stablecoin transfer chain into consumer finance, tying XPL's utility to real-world payment frequency.

Foresight NewsHace 41 min(s)

The Calculation Behind Plasma's U Card with Free Claude Membership

Foresight NewsHace 41 min(s)

US Stock Market Trend (June 16): SpaceX Rises 42% in Two Days, New Fed Chairman Takes Office Today

**U.S. Stocks Trend (June 16): SpaceX Soars 42% in Two Days, New Fed Chair Takes Office Today** Markets surged on Monday following former President Trump's social media announcement of a completed U.S.-Iran deal to reopen the Strait of Hormuz, pending a June 19 signing. The news triggered a broad risk-on rally: oil prices crashed, tech stocks soared, bond yields fell, and defensive sectors lagged. **Market Performance:** The Nasdaq jumped 3.07%, led by semiconductor stocks like Micron (+9.2%). The S&P 500 gained 1.65%, and the Dow rose 0.92% to a record high. However, the Russell 2000 small-cap index underperformed (+0.72%). SpaceX continued its hot streak, rising another 5% pre-market after disclosures of large buys by an Australian billionaire and Cathie Wood's ARK. Boeing also rallied on the transportation optimism. Conversely, energy stocks like Chevron fell over 3% on the oil price plunge, with other defensive sectors also selling off. The day's action showed a clear rotation of funds from energy/defensive plays into AI and tech narratives. **Macro & Outlook:** The VIX fear index fell 8.37%. Treasury yields declined, and WTI crude dropped over 5%. Attention now shifts to a packed schedule: the Bank of Japan is widely expected to hike rates to 1.0% on Tuesday. The Fed's June meeting concludes Wednesday, marking new Chair Wash's debut. While rates are expected to hold, his tone on stubborn inflation and the "dot plot" will be crucial for gauging the 2024 rate path. The formal Iran deal signing is set for Friday. **Trend Perspective:** While the peace deal is a genuine positive, Monday's explosive rally may have gotten ahead of itself, pricing in a swift resolution to inflation concerns. The shortened trading week faces a triple test: BoJ tightening, the Fed's policy stance, and deal implementation details. Tech and semiconductors, which led the surge, remain vulnerable to any disappointment from these key events. The real price discovery begins with the central banks' communications this week.

marsbitHace 59 min(s)

US Stock Market Trend (June 16): SpaceX Rises 42% in Two Days, New Fed Chairman Takes Office Today

marsbitHace 59 min(s)

Trading

Spot
Futuros
活动图片