Crypto hack counts fall but supply chain attacks reshape threat landscape

cointelegraphОпубліковано о 2025-12-23Востаннє оновлено о 2025-12-23

Анотація

New data from CertiK reveals that while crypto hackers stole $3.3 billion in 2025, the number of attacks fell sharply. Losses were concentrated in fewer, more damaging supply-chain attacks, which accounted for $1.45 billion across just two incidents, including the $1.4 billion Bybit hack. This shift indicates attackers are moving away from simple code vulnerabilities toward more sophisticated infrastructure-level exploits. The number of security incidents decreased by 162 year-over-year, suggesting improved protocol-level security. The median loss per hack fell 35.75% to $103,966, though the average loss rose to $5.3 million due to high-value outliers. Phishing scams were the second-largest threat, costing $722 million across 248 incidents. A significant subset was "pig butchering" romance scams, which used prolonged emotional manipulation and cost the industry $5.5 billion in 2024.

Crypto hackers stole $3.3 billion in 2025, but the number of attacks fell sharply as losses became concentrated in fewer, more sophisticated supply-chain exploits, according to new data from blockchain security firm CertiK shared with Cointelegraph.

While total losses remained elevated, the decline in incident counts and a drop in median theft sizes suggest that protocol-level security is improving, pushing attackers away from simple code vulnerabilities and toward phishing and infrastructure-level attacks.

CertiK said supply-chain breaches emerged as the most damaging threat, accounting for $1.45 billion in losses across just two incidents, including the $1.4 billion Bybit hack in February.

"The Bybit exploit signals that well-capitalized, well-coordinated threat actors are becoming more active across the ecosystem," the report said, predicting a rise in the “sophistication” of supply chain attacks as attackers target more infrastructure providers.

*Crypto hacks by amount and incident, yearly chart. Source: CertiK*

Related: Soulja Boy token sparks backlash after Base co-founder posts purchase receipt

The number of security incidents decreased by 162 counts year-over-year, indicating that blockchain cybersecurity measures are improving despite hackers aiming for larger targets.

The average amount lost per hack stood at $5.3 million, a 66% increase from the previous year. However, the median loss — a measure less influenced by outlier incidents — fell to $103,966, down 35.75% over the same period.

*Cryptop hacks by incident type and amount of losses, one-year chart. Source: CertiK*

Related: Solana AI token Ava hit by launch sniping tied to deployer: Bubblemaps

Code vulnerabilities fade as “pig butchering” scams threaten crypto savings

Phishing scams became the second-largest threat, costing crypto investors a cumulative $722 million across 248 incidents.

Recently, an investor lost their entire Bitcoin (BTC) retirement fund in an artificial intelligence-fueled romance scam, also known as a "pig butchering" scam, where the con artists used prolonged emotional manipulation to convince the investors to transfer their funds.

*Pig butchering victim stats, grooming time. Source: Cyvers*

Pig butchering scams are a subset of phishing scams that cost the industry a collective $5.5 billion in 2024, across 200,000 individual cases.

Notably, the average grooming period for victims is between one and two weeks in 35% of cases, while 10% of scams involve grooming periods of up to three months, according to blockchain security platform Cyvers.

In June, the US Department of Justice announced the seizure of over $225 million in crypto linked to pig butchering scams.

Magazine: Coinbase hack shows the law probably won’t protect you — Here’s why

Пов'язані питання

QAccording to CertiK's data, what was the total amount stolen by crypto hackers in 2025 and what was the most damaging type of attack?

ACrypto hackers stole a total of $3.3 billion in 2025. The most damaging type of attack was supply-chain breaches, which accounted for $1.45 billion in losses.

QWhat does the report suggest about the trend in protocol-level security based on the decline in incident counts and median theft sizes?

AThe decline in incident counts and the drop in median theft sizes suggest that protocol-level security is improving. This is pushing attackers away from simple code vulnerabilities and toward more sophisticated methods like phishing and infrastructure-level attacks.

QWhat was the average amount lost per hack and how much did it change from the previous year?

AThe average amount lost per hack stood at $5.3 million, which was a 66% increase from the previous year.

QWhat are 'pig butchering' scams and how much did they cost the industry in 2024?

A'Pig butchering' scams are a subset of phishing scams that involve prolonged emotional manipulation to convince victims to transfer their funds. They cost the industry a collective $5.5 billion in 2024 across 200,000 individual cases.

QWhat significant action did the US Department of Justice take regarding pig butchering scams in June?

AIn June, the US Department of Justice announced the seizure of over $225 million in cryptocurrency that was linked to pig butchering scams.

Пов'язані матеріали

Sam Bankman-Fried Wants A New Token To Repay FTX Victims, But Could It Happen?

Sam Bankman-Fried (SBF) is reportedly expressing a personal hope for a new token project to repay FTX victims. However, this claim is heavily caveated by his legal reality. A US appeals court recently upheld his 25-year prison sentence, creating significant barriers to him launching any such project. The article frames these comments as subjective and not an active, credible plan. While the idea attracts attention due to FTX's massive collapse and the broader question of using tokens for restitution, the story emphasizes the legal and practical hurdles. The core narrative is the tension between SBF's reported personal aspiration and the established legal proceedings governing victim repayment.

bitcoinist2 год тому

Sam Bankman-Fried Wants A New Token To Repay FTX Victims, But Could It Happen?

bitcoinist2 год тому

BlackRock Launches Covered-Call Bitcoin ETF Under BITA Ticker

BlackRock has launched the iShares Bitcoin Premium Income ETF (ticker: BITA), a new bitcoin product that generates income using a covered-call options strategy linked to its iShares Bitcoin Trust (IBIT). Unlike a plain spot bitcoin ETF, BITA aims to provide monthly income by selling call options, offering investors a yield-focused alternative to direct bitcoin holdings or DeFi protocols. This strategy involves a trade-off: it can perform well in sideways markets by collecting premiums but may underperform pure spot bitcoin during strong rallies. The launch signals the evolution of the bitcoin ETF market beyond simple access products toward sophisticated strategies like income generation and hedging. BITA is targeted at investors and advisors who believe in bitcoin's long-term thesis but seek a smoother, income-oriented product within a traditional brokerage account. It is not a replacement for spot bitcoin exposure but rather a different tool that packages bitcoin's volatility into a strategy familiar to traditional markets. Understanding this trade-off is crucial for evaluating its performance, especially during major bitcoin price increases.

bitcoinist4 год тому

BlackRock Launches Covered-Call Bitcoin ETF Under BITA Ticker

bitcoinist4 год тому

David Schwartz Backs XRP Ledger 3.2.0 Upgrade With Major XRPL Hub Move

David Schwartz, co-creator of XRP Ledger and Ripple's CTO, has moved a major XRPL hub to version 3.2.0, a transition completed in under ten minutes. This upgrade follows the ledger's core software being renamed "xrpld" to distinguish it from Ripple. Key improvements include up to 40% better memory optimization and the fixCleanup3_2_0 amendment, enhancing security for features like vaults and decentralized exchanges. The update also introduces new tools for developers and invariant checks for ledger integrity. Concurrently, network governance updates include changes to the Unique Node List. The move underscores the commitment to maintaining the latest software across the XRPL ecosystem.

TheNewsCrypto5 год тому

David Schwartz Backs XRP Ledger 3.2.0 Upgrade With Major XRPL Hub Move

TheNewsCrypto5 год тому

Why Is the World Nervous About Japan Raising Interest Rates?

In June 2026, the Bank of Japan raised its policy rate to 1%, marking its first hike to this level since 1995. While this rate remains low compared to global peers like the US and Europe, the move signals a profound shift for a nation that has been a global source of ultra-cheap funding for decades. Japan's long-standing near-zero or negative interest rates had facilitated massive "yen carry trades," where international investors borrowed low-cost yen to invest in higher-yielding assets worldwide, such as US tech stocks and emerging market bonds. This made Japan a critical, often overlooked, source of global liquidity. Japan's ultra-loose policy stemmed from structural challenges post-1990s asset bubble: aging demographics, chronic low inflation/deflation, and high public debt. Recent shifts, including sustained wage growth (exceeding 5% in recent years) and inflation consistently above the 2% target, have created a "wage-price spiral" possibility, prompting the policy normalization. The global market's concern lies not in the absolute rate but in the potential unwinding of the yen carry trade. As Japanese borrowing costs rise, the economics of these leveraged global investments change, potentially triggering deleveraging and capital outflows from risk assets. Market anxiety focuses on the end of a thirty-year consensus that Japan would perpetually provide cheap funding. Ultimately, the global impact will depend on the interplay with US monetary policy. While Japan is tightening, the significant interest rate differential with the US remains. The key future dynamic is whether simultaneous Japanese hikes and eventual US rate cuts will narrow this gap, forcing a major recalibration of global capital flows and asset pricing built on an era of abundant, cheap yen liquidity.

marsbit6 год тому

Why Is the World Nervous About Japan Raising Interest Rates?

marsbit6 год тому

Congress Advances CBDC Ban Until 2030 Through Major Housing Reform Bill

Congress has passed the 21st Century Road to Housing Act, a bipartisan bill primarily focused on housing reform to improve affordability and supply. Included within it is a significant provision that bans the Federal Reserve from issuing a central bank digital currency (CBDC) or "digital dollar" before December 31, 2030. The measure defines a CBDC as a dollar-denominated digital asset, a direct liability of the Fed, accessible to all Americans. Proponents argue the ban allows more time to study a digital dollar's impacts and addresses concerns about privacy, financial surveillance, and government overreach in digital payments. The provision specifically targets a retail CBDC but does not restrict permissionless blockchain networks. This crypto-related language, embedded in broader housing legislation, has drawn considerable attention for its potential to shape the future of digital assets and payments in the U.S. The bill's final passage will determine if the ban takes effect for the next decade.

TheNewsCrypto7 год тому

Congress Advances CBDC Ban Until 2030 Through Major Housing Reform Bill

TheNewsCrypto7 год тому

Торгівля

Спот

Ф'ючерси