Crypto Hack Counts Fall but Supply Chain Attacks Reshape Threat Landscape

Crypto hackers stole $3.3 billion in 2025, but the variety of assaults fell sharply as losses grew to become concentrated in fewer, extra refined supply-chain exploits, in response to new information from blockchain safety agency CertiK shared with Cointelegraph.

Whereas complete losses remained elevated, the decline in incident counts and a drop in median theft sizes counsel that protocol-level safety is enhancing, pushing attackers away from easy code vulnerabilities and towards phishing and infrastructure-level assaults.

CertiK mentioned supply-chain breaches emerged as probably the most damaging menace, accounting for $1.45 billion in losses throughout simply two incidents, together with the $1.4 billion Bybit hack in February.

“The Bybit exploit indicators that well-capitalized, well-coordinated menace actors have gotten extra lively throughout the ecosystem,” the report mentioned, predicting an increase within the “sophistication” of provide chain assaults as attackers goal extra infrastructure suppliers.

Associated: Soulja Boy token sparks backlash after Base co-founder posts purchase receipt

The variety of safety incidents decreased by 162 counts year-over-year, indicating that blockchain cybersecurity measures are enhancing regardless of hackers aiming for bigger targets.

The typical quantity misplaced per hack stood at $5.3 million, a 66% enhance from the earlier 12 months. Nevertheless, the median loss — a measure much less influenced by outlier incidents — fell to $103,966, down 35.75% over the identical interval.

Associated: Solana AI token Ava hit by launch sniping tied to deployer: Bubblemaps

Code vulnerabilities fade as “pig butchering” scams threaten crypto financial savings

Phishing scams grew to become the second-largest menace, costing crypto buyers a cumulative $722 million throughout 248 incidents.

Just lately, an investor misplaced their whole Bitcoin (BTC) retirement fund in a man-made intelligence-fueled romance scam, often known as a “pig butchering” rip-off, the place the con artists used extended emotional manipulation to persuade the buyers to switch their funds.

Pig butchering scams are a subset of phishing scams that price the business a collective $5.5 billion in 2024, throughout 200,000 particular person circumstances.

Notably, the typical grooming interval for victims is between one and two weeks in 35% of circumstances, whereas 10% of scams contain grooming durations of as much as three months, in response to blockchain safety platform Cyvers.

In June, the US Division of Justice introduced the seizure of over $225 million in crypto linked to pig butchering scams.

Journal: Coinbase hack shows the law probably won’t protect you — Here’s why