Crypto Hack Counts Fall but Supply Chain Attacks Reshape Threat Landscape
In 2025, crypto hackers stole $3.3 billion, with overall attack numbers dropping sharply. Losses concentrated in fewer but more sophisticated supply-chain exploits, with two major incidents accounting for $1.45 billion, including a $1.4 billion Bybit hack. Improved protocol-level security has shifted hacker focus from simple code vulnerabilities to phishing and infrastructure-level attacks. The average loss per hack increased to $5.3 million, but the median fell to $103,966, indicating fewer large-scale incidents. Phishing scams were the second largest threat, responsible for $722 million across 248 cases. "Pig butchering" scams, a form of phishing involving emotional manipulation, cost victims $5.5 billion in 2024. Grooming periods for these scams typically last between one to twelve weeks. The US Department of Justice seized over $225 million in crypto from such scams. Overall, blockchain security is improving, but attacks are growing in sophistication and scale.
