Crypto hack counts fall but supply chain attacks reshape threat landscape

cointelegraphPublicado em 2025-12-23Última atualização em 2025-12-23

Resumo

New data from CertiK reveals that while crypto hackers stole $3.3 billion in 2025, the number of attacks fell sharply. Losses were concentrated in fewer, more damaging supply-chain attacks, which accounted for $1.45 billion across just two incidents, including the $1.4 billion Bybit hack. This shift indicates attackers are moving away from simple code vulnerabilities toward more sophisticated infrastructure-level exploits. The number of security incidents decreased by 162 year-over-year, suggesting improved protocol-level security. The median loss per hack fell 35.75% to $103,966, though the average loss rose to $5.3 million due to high-value outliers. Phishing scams were the second-largest threat, costing $722 million across 248 incidents. A significant subset was "pig butchering" romance scams, which used prolonged emotional manipulation and cost the industry $5.5 billion in 2024.

Crypto hackers stole $3.3 billion in 2025, but the number of attacks fell sharply as losses became concentrated in fewer, more sophisticated supply-chain exploits, according to new data from blockchain security firm CertiK shared with Cointelegraph.

While total losses remained elevated, the decline in incident counts and a drop in median theft sizes suggest that protocol-level security is improving, pushing attackers away from simple code vulnerabilities and toward phishing and infrastructure-level attacks.

CertiK said supply-chain breaches emerged as the most damaging threat, accounting for $1.45 billion in losses across just two incidents, including the $1.4 billion Bybit hack in February.

"The Bybit exploit signals that well-capitalized, well-coordinated threat actors are becoming more active across the ecosystem," the report said, predicting a rise in the “sophistication” of supply chain attacks as attackers target more infrastructure providers.

Crypto hacks by amount and incident, yearly chart. Source: CertiK

Related: Soulja Boy token sparks backlash after Base co-founder posts purchase receipt

The number of security incidents decreased by 162 counts year-over-year, indicating that blockchain cybersecurity measures are improving despite hackers aiming for larger targets.

The average amount lost per hack stood at $5.3 million, a 66% increase from the previous year. However, the median loss — a measure less influenced by outlier incidents — fell to $103,966, down 35.75% over the same period.

Cryptop hacks by incident type and amount of losses, one-year chart. Source: CertiK

Related: Solana AI token Ava hit by launch sniping tied to deployer: Bubblemaps

Code vulnerabilities fade as “pig butchering” scams threaten crypto savings

Phishing scams became the second-largest threat, costing crypto investors a cumulative $722 million across 248 incidents.

Recently, an investor lost their entire Bitcoin (BTC) retirement fund in an artificial intelligence-fueled romance scam, also known as a "pig butchering" scam, where the con artists used prolonged emotional manipulation to convince the investors to transfer their funds.

Pig butchering victim stats, grooming time. Source: Cyvers

Pig butchering scams are a subset of phishing scams that cost the industry a collective $5.5 billion in 2024, across 200,000 individual cases.

Notably, the average grooming period for victims is between one and two weeks in 35% of cases, while 10% of scams involve grooming periods of up to three months, according to blockchain security platform Cyvers.

In June, the US Department of Justice announced the seizure of over $225 million in crypto linked to pig butchering scams.

Magazine: Coinbase hack shows the law probably won’t protect you — Here’s why

Perguntas relacionadas

QAccording to CertiK's data, what was the total amount stolen by crypto hackers in 2025 and what was the most damaging type of attack?

ACrypto hackers stole a total of $3.3 billion in 2025. The most damaging type of attack was supply-chain breaches, which accounted for $1.45 billion in losses.

QWhat does the report suggest about the trend in protocol-level security based on the decline in incident counts and median theft sizes?

AThe decline in incident counts and the drop in median theft sizes suggest that protocol-level security is improving. This is pushing attackers away from simple code vulnerabilities and toward more sophisticated methods like phishing and infrastructure-level attacks.

QWhat was the average amount lost per hack and how much did it change from the previous year?

AThe average amount lost per hack stood at $5.3 million, which was a 66% increase from the previous year.

QWhat are 'pig butchering' scams and how much did they cost the industry in 2024?

A'Pig butchering' scams are a subset of phishing scams that involve prolonged emotional manipulation to convince victims to transfer their funds. They cost the industry a collective $5.5 billion in 2024 across 200,000 individual cases.

QWhat significant action did the US Department of Justice take regarding pig butchering scams in June?

AIn June, the US Department of Justice announced the seizure of over $225 million in cryptocurrency that was linked to pig butchering scams.

Leituras Relacionadas

Qubic Launches Dogecoin Mining Phase 3: What It Means For DOGE

Qubic has fully transitioned to its Dogecoin-focused mining architecture, marking the start of Phase 3 and removing Monero from its operations. The new system dedicates ASICs entirely to mining Dogecoin (DOGE) while CPUs and GPUs are used to train its AI framework, Aigarth—both running simultaneously at full capacity without alternating. The project claims this model offers higher profitability, reporting a 32% increase in daily earnings compared to traditional DOGE mining pools. Additionally, Qubic uses a circular capital mechanism where mined DOGE is sold to buy back its native token QU, which is then distributed to participants. While Qubic’s current hashrate share remains small (around 0.086%), the shift represents a tangible entry into Dogecoin mining. The focus now is on whether the project can scale its operations and impact DOGE mining landscape meaningfully. At the time of writing, DOGE was trading at $0.09791.

bitcoinistHá 1h

Qubic Launches Dogecoin Mining Phase 3: What It Means For DOGE

bitcoinistHá 1h

The Last XRP Wave E Resistance To Watch Before The Surge

XRP is approaching a critical technical resistance zone between $1.50 and $1.53, identified by analyst CasiTrades as the final Wave E resistance in its current consolidation phase. This level is reinforced by a confluence of Fibonacci extensions, retracements, and a descending trendline. Holding above the $1.39 support is essential for maintaining the bullish structure. Momentum indicators like RSI suggest room for upward movement, though a rejection near resistance could lead to a retracement toward $1.09–$0.87. The analysis also notes that Bitcoin's movement toward $79,000 may influence XRP's timing near this key level.

bitcoinistHá 2h

The Last XRP Wave E Resistance To Watch Before The Surge

bitcoinistHá 2h

Bitcoin Could Survive Sale Of Satoshi’s Coins, On-Chain Expert Says

On-chain analyst James Check argues that a potential quantum-enabled sale of Satoshi-era Bitcoin would not be an existential threat to the market, despite concerns. While approximately 6.934 million BTC are theoretically vulnerable due to exposed public keys, Check contends the real risk is much smaller. He identifies only 1.716 million BTC in old P2PK outputs as the primary concern, comparing a full liquidation to 60-90 days of typical sell-side pressure in a bull market—significant but not fatal. Check emphasizes that the core debate is less about market impact and more about the philosophical principle of whether Bitcoin should intervene to freeze vulnerable coins or preserve absolute property rights.

bitcoinistHá 2h

Bitcoin Could Survive Sale Of Satoshi’s Coins, On-Chain Expert Says

bitcoinistHá 2h

Long-Term Outlooks Suggest Ozak AI Could Sustain Multi-Dollar Price Levels Through Multiple Market Cycles

Long-term analyst outlooks suggest Ozak AI ($OZ) could sustain multi-dollar price levels across multiple market cycles, rather than retracing after an initial spike. Currently priced at $0.014 in presale with over $6.8M raised, the project is viewed as a long-term AI infrastructure asset rather than a short-term trade. Key factors supporting this view include its utility-driven demand, capital-efficient pricing structure, and ecosystem integrations with partners like Pyth Network and SINT. Analysts highlight that Ozak AI’s lower initial valuation requires smaller capital inflows to maintain higher price zones, increasing the likelihood of stability in the $3–$5 range as adoption grows. The platform’s AI Prediction Agents, data vaults, and EigenLayer AVS validation are expected to generate persistent token demand through various market conditions.

TheNewsCryptoHá 3h

Long-Term Outlooks Suggest Ozak AI Could Sustain Multi-Dollar Price Levels Through Multiple Market Cycles

TheNewsCryptoHá 3h

Transcending Cycles, Defining the Future: BIT Hosts Global Asset Strategy Sharing Session in Hong Kong, Exploring New Paradigms of Web3 and Traditional Markets

Amid a shifting global macroeconomic landscape, BIT, a global digital asset financial services group, hosted the "Global Asset Strategy Forum" in Hong Kong on April 22, 2026, under the theme "Transcending Cycles, Defining the Future." The event brought together industry leaders from financial institutions, crypto platforms, and professional service firms to explore new paradigms in Web3 and traditional markets. Key discussions centered on cross-market investment opportunities, regulatory pathways for compliant stablecoins, and the role of precious metals like gold and silver in the digital economy. BIT Founding Partner Cynthia Wu highlighted the institutionalization of the digital asset sector, noting its evolution from early retail-driven speculation to a phase marked by clearer regulation, the approval of spot ETFs, and the rise of Real-World Assets (RWA). She emphasized RWA’s role in bridging the gap between traditional finance and digital assets. Speakers observed a structural "reversal" between Web3 and traditional markets: Web3 is becoming more rational and profit-oriented, while traditional markets, especially U.S. equities driven by AI, are attracting concentrated capital and attention. The U.S. "Goldilocks" economic environment and AI commercialization were noted as key factors supporting risk assets. In stablecoin discussions, panelists emphasized the importance of regulatory compliance, asset-backed reserves, and transparency, noting that algorithmic stablecoins remain uncertain from a regulatory perspective. For RWA, gold was discussed as a macro-sensitive asset, with its value closely tied to interest rates, dollar strength, and geopolitical factors. The forum concluded that the digital asset industry is transitioning from narrative-driven growth to structure-driven, cross-market integration, with a focus on institutional participation and trust-based financial infrastructure. Disclaimer: This summary is for informational purposes only and does not constitute investment advice.

marsbitHá 3h

Transcending Cycles, Defining the Future: BIT Hosts Global Asset Strategy Sharing Session in Hong Kong, Exploring New Paradigms of Web3 and Traditional Markets

marsbitHá 3h

Trading

Spot
Futuros
活动图片

Categorias popularesright-arrow

Etiquetas Popularesright-arrow