Crypto Phishing Losses Crash By 83% In 2025 – Details

bitcoinist2026-01-04 tarihinde yayınlandı2026-01-04 tarihinde güncellendi

Özet

Crypto phishing losses plummeted by 83% in 2025, falling from $494 million to $83.85 million, with victim count dropping 68% to 106,106. Despite the decline, Web3 security firm Scam Sniffer warns this does not indicate reduced threat levels, as losses correlated with market activity—peaking in Q3 during high user engagement. A new threat emerged with EIP-7702 exploits, enabling bundled malicious transactions via account abstraction. Permit/Permit2 signatures remained the leading attack method, responsible for 38% of large-case losses. Major incidents included a $1.46 billion breach by the Lazarus group. While reported losses fell, attackers may be shifting to harder-to-track methods like private key theft or targeted social engineering.

Phishing losses fell drastically in 2025 by over 83% compared to the previous year. However, the underlying data show that reduced figures do not translate to a decline in security threats.

Crypto Phishing Losses Down From $494M To $84M In 2025

A phishing attack occurs when an unsuspecting user is tricked into giving up sensitive information or signing off on malicious transactions. In the crypto space, signature phishing attacks are a major security concern and are facilitated using wallet drainers.

According to Web3 security outfit Scam Sniffer, total phishing losses in 2025 were valued at $83.85 million across 106,106 victims, representing respective drops of 83% and 68% from 2024. There were also 11 large cases of theft over $1 million compared to 30 in 2024. Meanwhile, the single largest theft was a $6.5 million loss via a permit signature attack in September, which was 8x lower than that of 2024.

While the latest figures represent a significant decline from the previous year, Scam Sniffer analysts state there is no direct translation to decreased market threat as losses moved in parallel with the market cycle. Therefore, losses increased or decreased in relation to the global crypto user activity.

Notably, monthly losses varied from $2.04 million in December to $12.17 million in August. However, Q3, which was the busiest market period, accounted for the largest portion (29% i.e $31 million) of the yearly losses. However, figures dropped to $13 million in Q4, as user activity cooled off.

Related Reading: Aave Founder Responds To Governance Tension With Strategic Plan – Details

EIP-7702 Emerges As Latest Phishing Signature Type

According to Scam Sniffer’s report, EIP-7702 exploitation emerged as a new threat in the signature-based wallet-drainer ecosystem. Leveraging account abstraction introduced in the Pectra upgrade in May 2025, attackers can bundle multiple malicious operations into a single signature.

Notably, the largest EIP-7702 losses, with two incidents culminating in $2.54 million, were recorded in August. Meanwhile, Permit/ Permit2 signature types lead the space, accounting for $8.72 million in losses across three major incidents, I.e. 38% of all large-case losses.

Beyond signature phishing types, Scam Sniffer also highlighted other phishing attack types that threaten the crypto space. The Bybit incident in February stands out, after the Lazarus group breached a Safe (Wallet) developer machine and launched a program that imitated the multi-sig interface, resulting in losses of $1.46 billion.

In conclusion, while reported signature phishing losses have declined, the threat landscape remains active. Moreover, the fall in trackable losses may suggest attackers are employing harder-to-track vectors such as private key breaches or targeted social engineering.

Total crypto market cap valued at $3.08 trillion on the daily chart | Source: TOTAL chart on Tradingview.com

İlgili Sorular

QWhat was the percentage decrease in crypto phishing losses from 2024 to 2025 according to Scam Sniffer?

AThere was an 83% decrease in crypto phishing losses from 2024 to 2025.

QWhat new type of phishing signature emerged as a threat in 2025, and which Ethereum upgrade did it leverage?

AEIP-7702 exploitation emerged as a new threat, leveraging the account abstraction introduced in the Pectra upgrade in May 2025.

QDespite the drop in losses, why do analysts caution that this does not mean the market threat has declined?

AAnalysts state that losses moved in parallel with the market cycle, meaning they increased or decreased in relation to global crypto user activity, not because the underlying security improved.

QWhich quarter of 2025 accounted for the largest portion of the yearly phishing losses, and how much was it?

AQ3 of 2025 accounted for the largest portion of the yearly losses at 29%, which was $31 million.

QWhat was the single largest theft via a permit signature attack in 2025, and how did it compare to 2024?

AThe single largest theft was a $6.5 million loss via a permit signature attack in September, which was 8 times lower than the largest theft in 2024.

İlgili Okumalar

Little Pepe (LILPEPE) vs Bonk—Cross-Chain Meme Coin Battle Heats up as Demand Surges

The meme coin competition is shifting from community hype to technological and ecosystem advantages. This analysis contrasts Bonk, an established token on the Solana network known for its speed and low costs, with the newer Little Pepe ($LILPEPE), currently in its presale phase. Bonk leverages its mature community and Solana's infrastructure, while Little Pepe differentiates itself with a Layer 2 Ethereum solution promising tax-free trading, staking rewards, and enhanced scalability. To drive engagement, Little Pepe is offering substantial giveaways totaling $777,000. Both coins, despite their different strategies—Bonk as a proven ecosystem and Little Pepe as an early-stage utility project—are capturing significant market attention as demand surges.

TheNewsCrypto45 dk önce

Little Pepe (LILPEPE) vs Bonk—Cross-Chain Meme Coin Battle Heats up as Demand Surges

TheNewsCrypto45 dk önce

Crypto Crime Hit Hard: $700 Million Frozen By DOJ Strike Force

A US law enforcement task force has frozen over $700 million in cryptocurrency linked to investment scams targeting Americans. The operation, which involved cooperation from crypto exchanges and legal processes, also took down more than 500 fraudulent websites and a Telegram channel used to recruit victims. Two Chinese nationals were named in arrest warrants for operating a scam compound in Burma. In a related move, the US State Department announced a $10 million reward for information disrupting scam centers in Burma. Singaporean authorities, alongside major crypto exchanges and analytics firms, also prevented nearly $3 million in losses through a parallel operation. The scale of cybercrime remains vast, with the FBI reporting over $20 billion in losses in 2025.

bitcoinist1 saat önce

Crypto Crime Hit Hard: $700 Million Frozen By DOJ Strike Force

bitcoinist1 saat önce

Toncoin Fees To Drop 6x As Network Moves Toward Feeless Transactions

Telegram founder Pavel Durov announced that the Toncoin (TON) network will reduce transaction fees by six times in one week, lowering the cost to just 0.00039 TON (approximately $0.0005). This fee reduction is part of the "Make TON Great Again" (MTONGA) roadmap and will remain fixed regardless of network congestion. The update follows a recent upgrade that made the network 10 times faster and transactions nearly instant. Durov also hinted that future steps aim to make most transactions fully feeless. Although Telegram discontinued formal involvement with TON due to regulatory issues, Durov remains a strong supporter. Currently, Toncoin is trading around $1.30, down over 8% in the past week.

bitcoinist2 saat önce

Toncoin Fees To Drop 6x As Network Moves Toward Feeless Transactions

bitcoinist2 saat önce

a16z: AI's 'Amnesia', Can Continuous Learning Cure It?

The article "a16z: AI's 'Amnesia' – Can Continual Learning Cure It?" explores the limitations of current large language models (LLMs), which, like the protagonist in the film *Memento*, are trapped in a perpetual present—unable to form new memories after training. While methods like in-context learning (ICL), retrieval-augmented generation (RAG), and external scaffolding (e.g., chat history, prompts) provide temporary solutions, they fail to enable true internalization of new knowledge. The authors argue that compression—the core of learning during training—is halted at deployment, preventing models from generalizing, discovering novel solutions (e.g., mathematical proofs), or handling adversarial scenarios. The piece introduces *continual learning* as a critical research direction to address this, categorizing approaches into three paths: 1. **Context**: Scaling external memory via longer context windows, multi-agent systems, and smarter retrieval. 2. **Modules**: Using pluggable adapters or external memory layers for specialization without full retraining. 3. **Weights**: Enabling parameter updates through sparse training, test-time training, meta-learning, distillation, and reinforcement learning from feedback. Challenges include catastrophic forgetting, safety risks, and auditability, but overcoming these could unlock models that learn iteratively from experience. The conclusion emphasizes that while context-based methods are effective, true breakthroughs require models to compress new information into weights post-deployment, moving from mere retrieval to genuine learning.

marsbit2 saat önce

a16z: AI's 'Amnesia', Can Continuous Learning Cure It?

marsbit2 saat önce

Can a Hair Dryer Earn $34,000? Deciphering the Reflexivity Paradox in Prediction Markets

An individual manipulated a weather sensor at Paris Charles de Gaulle Airport with a portable heat source, causing a Polymarket weather market to settle at 22°C and earning $34,000. This incident highlights a fundamental issue in prediction markets: when a market aims to reflect reality, it also incentivizes participants to influence that reality. Prediction markets operate on two layers: platform rules (what outcome counts as a win) and data sources (what actually happened). While most focus on rules, the real vulnerability lies in the data source. If reality is recorded through a specific source, influencing that source directly affects market settlement. The article categorizes markets by their vulnerability: 1. **Single-point physical data sources** (e.g., weather stations): Easily manipulated through physical interference. 2. **Insider information markets** (e.g., MrBeast video details): Insiders like team members use non-public information to trade. Kalshi fined a剪辑师 $20,000 for insider trading. 3. **Actor-manipulated markets** (e.g., Andrew Tate’s tweet counts): The subject of the market can control the outcome. Evidence suggests Tate’sociated accounts coordinated to profit. 4. **Individual-action markets** (e.g., WNBA disruptions): A single person can execute an event to profit from their pre-placed bets. Kalshi and Polymarket handle these issues differently. Kalshi enforces strict KYC, publicly penalizes insider trading, and reports to regulators. Polymarket, with its anonymous wallet-based system, has historically been more permissive, arguing that insider information improves market accuracy. However, it cooperated with authorities in the "Van Dyke case," where a user traded on classified government information. The core paradox is reflexivity: prediction markets are designed to discover truth, but their financial incentives can distort reality. The more valuable a prediction becomes, the more likely participants are to influence the event itself. The market ceases to be a mirror of reality and instead shapes it.

marsbit3 saat önce

Can a Hair Dryer Earn $34,000? Deciphering the Reflexivity Paradox in Prediction Markets

marsbit3 saat önce

İşlemler

Spot

Futures