Crypto hack counts fall but supply chain attacks reshape threat landscape

cointelegraphОпубліковано о 2025-12-23Востаннє оновлено о 2025-12-23

Анотація

New data from CertiK reveals that while crypto hackers stole $3.3 billion in 2025, the number of attacks fell sharply. Losses were concentrated in fewer, more damaging supply-chain attacks, which accounted for $1.45 billion across just two incidents, including the $1.4 billion Bybit hack. This shift indicates attackers are moving away from simple code vulnerabilities toward more sophisticated infrastructure-level exploits. The number of security incidents decreased by 162 year-over-year, suggesting improved protocol-level security. The median loss per hack fell 35.75% to $103,966, though the average loss rose to $5.3 million due to high-value outliers. Phishing scams were the second-largest threat, costing $722 million across 248 incidents. A significant subset was "pig butchering" romance scams, which used prolonged emotional manipulation and cost the industry $5.5 billion in 2024.

Crypto hackers stole $3.3 billion in 2025, but the number of attacks fell sharply as losses became concentrated in fewer, more sophisticated supply-chain exploits, according to new data from blockchain security firm CertiK shared with Cointelegraph.

While total losses remained elevated, the decline in incident counts and a drop in median theft sizes suggest that protocol-level security is improving, pushing attackers away from simple code vulnerabilities and toward phishing and infrastructure-level attacks.

CertiK said supply-chain breaches emerged as the most damaging threat, accounting for $1.45 billion in losses across just two incidents, including the $1.4 billion Bybit hack in February.

"The Bybit exploit signals that well-capitalized, well-coordinated threat actors are becoming more active across the ecosystem," the report said, predicting a rise in the “sophistication” of supply chain attacks as attackers target more infrastructure providers.

Crypto hacks by amount and incident, yearly chart. Source: CertiK

Related: Soulja Boy token sparks backlash after Base co-founder posts purchase receipt

The number of security incidents decreased by 162 counts year-over-year, indicating that blockchain cybersecurity measures are improving despite hackers aiming for larger targets.

The average amount lost per hack stood at $5.3 million, a 66% increase from the previous year. However, the median loss — a measure less influenced by outlier incidents — fell to $103,966, down 35.75% over the same period.

Cryptop hacks by incident type and amount of losses, one-year chart. Source: CertiK

Related: Solana AI token Ava hit by launch sniping tied to deployer: Bubblemaps

Code vulnerabilities fade as “pig butchering” scams threaten crypto savings

Phishing scams became the second-largest threat, costing crypto investors a cumulative $722 million across 248 incidents.

Recently, an investor lost their entire Bitcoin (BTC) retirement fund in an artificial intelligence-fueled romance scam, also known as a "pig butchering" scam, where the con artists used prolonged emotional manipulation to convince the investors to transfer their funds.

Pig butchering victim stats, grooming time. Source: Cyvers

Pig butchering scams are a subset of phishing scams that cost the industry a collective $5.5 billion in 2024, across 200,000 individual cases.

Notably, the average grooming period for victims is between one and two weeks in 35% of cases, while 10% of scams involve grooming periods of up to three months, according to blockchain security platform Cyvers.

In June, the US Department of Justice announced the seizure of over $225 million in crypto linked to pig butchering scams.

Magazine: Coinbase hack shows the law probably won’t protect you — Here’s why

Пов'язані питання

QAccording to CertiK's data, what was the total amount stolen by crypto hackers in 2025 and what was the most damaging type of attack?

ACrypto hackers stole a total of $3.3 billion in 2025. The most damaging type of attack was supply-chain breaches, which accounted for $1.45 billion in losses.

QWhat does the report suggest about the trend in protocol-level security based on the decline in incident counts and median theft sizes?

AThe decline in incident counts and the drop in median theft sizes suggest that protocol-level security is improving. This is pushing attackers away from simple code vulnerabilities and toward more sophisticated methods like phishing and infrastructure-level attacks.

QWhat was the average amount lost per hack and how much did it change from the previous year?

AThe average amount lost per hack stood at $5.3 million, which was a 66% increase from the previous year.

QWhat are 'pig butchering' scams and how much did they cost the industry in 2024?

A'Pig butchering' scams are a subset of phishing scams that involve prolonged emotional manipulation to convince victims to transfer their funds. They cost the industry a collective $5.5 billion in 2024 across 200,000 individual cases.

QWhat significant action did the US Department of Justice take regarding pig butchering scams in June?

AIn June, the US Department of Justice announced the seizure of over $225 million in cryptocurrency that was linked to pig butchering scams.

Пов'язані матеріали

Will MicroStrategy Fall into a Death Spiral? What Will the Macro Trend Be in the Second Half of the Year?

The podcast features investor Didier discussing the recent Bitcoin downturn and the evolving strategy of MicroStrategy (MSTR). He argues the core pressure is not macro factors or ETF outflows, but the market pricing in an expectation that MSTR will engage in continuous, small-scale Bitcoin sales to fund its increasing preferred stock and debt obligations under its "bitcoin-per-share neutrality" principle. This creates a structural headwind. However, he is cautiously optimistic a "death spiral" is avoidable without new major shocks, as market support is likely to emerge at a certain price point. Didier then posits that the AI-driven bull market in US stocks (semiconductors, data centers) is fundamentally driven by AI agents and tokens becoming the "new labor force," displacing human roles and boosting corporate margins. This shift toward a machine economy is still in its early stages. He comments on crypto exchanges adding US stock trading, viewing it as a natural move toward valuable real-world assets as truly valuable crypto-native assets remain scarce. For crypto-native traders, he suggests existing strategies (e.g., meme-chasing or value investing) can translate to similar assets in US markets. The discussion notes the severe liquidity damage from the "1011 event" (likely referring to a major market crash) has essentially ended the altcoin cycle, with speculative momentum shifting to the more liquid US stock market. Regarding the macroeconomic outlook for H2 2024, Didier expresses increased caution due to potential market pressure from upcoming mega-IPOs (e.g., SpaceX) and US midterm election risks. Long-term, he remains bullish on AI's productivity gains and its convergence with blockchain/Web3, which he sees maturing into a more institutional, real-asset-focused phase.

链捕手4 хв тому

Will MicroStrategy Fall into a Death Spiral? What Will the Macro Trend Be in the Second Half of the Year?

链捕手4 хв тому

Dylan Patel: Founder of SemiAnalysis, Praised by Jensen Huang, is a 'Beekeeper' and 'Forum Enthusiast'

Dylan Patel, founder of the independent research firm SemiAnalysis, has an unconventional background. A former beekeeper from rural Georgia, he entered the semiconductor world as a self-taught "forum warrior," discussing chip technology anonymously online from a young age. He launched the SemiAnalysis blog in May 2020, which later transitioned to a paid subscription model. The firm has grown from a one-person operation to a global team of around 60, with a dedicated teardown lab. Its detailed, technically-focused analysis on semiconductor supply chains, AI infrastructure, and products has earned significant industry recognition. Notably, NVIDIA founder Jensen Huang has publicly cited their reports. In a landmark case, a critical 2024 report on AMD's MI300X GPU software stack led to a 90-minute call with AMD CEO Lisa Su, who thanked him for the constructive feedback. SemiAnalysis later acknowledged AMD's improvements. The firm's influence on markets was seen when a report on NVIDIA's Rubin memory configuration was partially shared, affecting memory stock prices. Dylan Patel emphasized the importance of context, contrasting the shared excerpt with the report's actual title. SemiAnalysis, now a multi-faceted consultancy with revenue projected to reach $100 million, is known for its deep technical insights that influence major industry players and investment decisions.

marsbit55 хв тому

Dylan Patel: Founder of SemiAnalysis, Praised by Jensen Huang, is a 'Beekeeper' and 'Forum Enthusiast'

marsbit55 хв тому

Dylan Patel: SemiAnalysis, Praised by Jensen Huang, is Founded by a 'Beekeeper and Forum Warrior'

Dylan Patel, founder of the independent research firm SemiAnalysis, has an unconventional background. Growing up in rural Georgia, he later worked as a beekeeper in Minnesota. His entry into semiconductors began as a self-taught "forum warrior," engaging anonymously in online tech communities from a young age. In May 2020, he started the SemiAnalysis blog on WordPress, later moving it to Substack as a paid subscription service. The firm has since evolved from a one-person operation into a global company with around 60 employees, featuring a dedicated chip teardown lab. Its revenue, reaching $20 million last year, is projected to surpass $100 million this year. SemiAnalysis is highly regarded in the AI and semiconductor industry for its deep technical analysis. NVIDIA founder Jensen Huang has publicly praised its reports. In a notable instance, a critical report on AMD's MI300X GPU software shortcomings prompted a 90-minute call with CEO Lisa Su, who thanked Patel for the "constructive feedback." A later report acknowledged AMD's subsequent improvements. The firm's analyses have significant market impact. For example, a June report discussing potential memory configuration changes in NVIDIA's next-generation servers was cited as a factor in pressure on memory-related stocks. Patel plans to establish a venture capital firm, having already made personal investments in about 20 startups. SemiAnalysis combines roles as a consultancy, model platform, and tech lab, focusing on the practical bottlenecks in AI infrastructure.

Odaily星球日报59 хв тому

Dylan Patel: SemiAnalysis, Praised by Jensen Huang, is Founded by a 'Beekeeper and Forum Warrior'

Odaily星球日报59 хв тому

Ethereum Q1 Report: On-chain Activity Hits Record High, Tokenized Assets Lead the Industry

Ethereum Q1 2026 Report: On-chain activity hits record high, tokenized assets lead the industry. In Q1 2026, Ethereum's network experienced a unique divergence: on-chain activity soared while USD-denominated metrics declined. Monthly active users reached 13.2 million, transactions hit 200.4 million, and TPS averaged 25.78, all setting new highs. However, total value locked (TVL) fell 11.0% to $316.2B, DEX volume dropped 24.0% to $134.5B, and ETH's fully diluted market cap fell 30.3% to $290B. A key driver was the Blob Parameter Fork (BPO#2) in January, which increased data capacity and caused a sharp 47.9% drop in layer-1 transaction fees despite higher usage. Etherean's tokenized asset market cap reached $203.4B, up 42.9% year-over-year. While stablecoins ($178.9B) saw a slight dip, tokenized funds ($19.4B, +73.1% YoY), commodities ($4.7B, +325.9% YoY), and stocks ($365.1M) grew strongly. Ethereum dominates cross-chain comparisons, holding 71% of TVL, 79.2% of active loans, 61.8% of stablecoins, and 73% of tokenized funds among top chains. The report highlights a "Jevons Paradox" scenario: network expansion reduces per-transaction costs but unleashes latent demand, driving long-term growth. Ethereum's strategy mirrors Amazon's early focus on scale over profit. Its open, neutral foundation is seen as critical for institutional adoption, as evidenced by growing activity from firms like BlackRock and JPMorgan. The roadmap targets further scalability, aiming for thousands of TPS by 2029 to solidify its role as a global financial settlement layer.

marsbit1 год тому

Ethereum Q1 Report: On-chain Activity Hits Record High, Tokenized Assets Lead the Industry

marsbit1 год тому

CryptoQuant Metric Signals Whale Accumulation Near Bitcoin $64K Support

A CryptoQuant analysis indicates a significant spike in Bitcoin's Spot Average Order Size around the $64,000 price support level. This metric, calculated by dividing traded volume by the number of trades, suggests increased activity from larger market participants, potentially signaling whale accumulation during the recent price pullback. While this pattern near a key support zone can imply that sizable buyers are absorbing selling pressure, the report cautions that the metric is not definitive on its own. Large order sizes can sometimes reflect exchange operations rather than directional buying. Therefore, the signal is considered more meaningful when combined with other factors like price stabilization. The observation adds a layer to the market narrative, suggesting the correction has attracted larger capital alongside retail fear. However, it does not guarantee a bottom or a bullish reversal. The $64,000 area remains critical, and Bitcoin's ability to hold this support and advance past resistance will ultimately determine the significance of the accumulation signal amidst ongoing macro and ETF-flow risks.

bitcoinist1 год тому

CryptoQuant Metric Signals Whale Accumulation Near Bitcoin $64K Support

bitcoinist1 год тому

Торгівля

Спот
Ф'ючерси
活动图片