Crypto Exploits Drop 60% in December 2025 as Only $76 Million Stolen Across 26 Incidents

Cryptocurrency-related hacks and cybersecurity exploits fell sharply in December 2025, with blockchain security firm PeckShield reporting just $76.2 million stolen across 26 incidents — a 60% decline from November’s $194.2 million in losses. While the numbers signal a welcome reprieve, the breadth and variety of attack vectors remain a stark reminder that the crypto ecosystem is far from secure.

TL;DR

• Crypto exploit losses dropped 60% in December 2025 to $76.2 million across 26 incidents (PeckShield)
• The largest single attack was a $50 million address-poisoning scam
• A $27.3 million multisig wallet breach and a $22 million babur.sol exploit ranked among the top incidents
• Despite December’s decline, 2025 saw over $2.2 billion lost in the top 10 hacks alone
• Attackers are shifting from protocol-level exploits to social engineering and supply-chain attacks

December’s Top Incidents

The single largest loss in December 2025 was a staggering $50 million address-poisoning scam, in which attackers mimicked wallet addresses to trick a victim into misdirecting funds to a fraudulent destination. Address poisoning has become an increasingly common vector in the crypto space, exploiting the tendency of users to copy wallet addresses from their transaction history rather than verifying each character individually.

The second-largest incident involved a $27.3 million multisig wallet breach targeting a wallet identified as 0xde5f…e965, which was compromised through a private key leak. Multisig wallets, often considered more secure than single-key setups, remain vulnerable when individual signers’ keys are compromised through phishing, malware, or insider threats.

The babur.sol exploit resulted in approximately $22 million in losses, while the Trust Wallet Chrome extension hack — involving a trojanized update pushed through a leaked Chrome Web Store API key — led to $8.5 million in user fund thefts. Two additional incidents rounded out the month: Unleash Protocol lost $3.9 million after an attacker seized control of its multisig governance and executed an unauthorized contract upgrade, and the Flow blockchain suffered a $3.9 million breach caused by an execution layer vulnerability that enabled the attacker to mint and transfer assets across services before the network was halted.

A Shifting Threat Landscape

The December data reveals a notable shift in how attackers are targeting the crypto ecosystem. Protocol-level smart contract exploits, once the dominant attack vector, are giving way to social engineering tactics, supply-chain compromises, and private key theft. The $50 million address-poisoning scam and the Trust Wallet supply-chain attack exemplify this evolution — both relied on deceiving users or compromising trusted infrastructure rather than exploiting code vulnerabilities.

At the time of these incidents, Bitcoin was trading around $88,490 and Ethereum near $3,006. Solana traded at approximately $125.80, BNB at $857.86, and XRP at $1.90. The relatively stable market conditions during December suggest that exploit activity was not driven by market volatility but rather by persistent, ongoing threat operations.

2025 in Review: A Costly Year Despite December’s Dip

While December’s $76.2 million figure represents a significant improvement, the broader 2025 picture paints a far more sobering reality. Over $2.2 billion was lost across the top 10 hacks alone during the year, making 2025 one of the costliest years on record for crypto security incidents.

The Bybit hack in February 2025 remains the most devastating single incident, with attackers draining approximately 401,000 ETH ($1.4 billion) from the exchange’s wallets. Other major incidents included the Cetus DEX exploit on Sui, which lost $223 million in May after attackers manipulated pricing through a protocol flaw; the Balancer V2 exploit in November, which resulted in $128 million in losses due to a rounding-error bug in composable stable pools; and the Bitget VOXEL market manipulation that cost roughly $100 million in April.

Centralized exchanges were not spared either. Phemex suffered an $85 million hot wallet breach in January, and Iran-based Nobitex lost $80–90 million from hot wallets in June. In each case, the platforms froze withdrawals, protected remaining assets, and worked to restore services.

Key Takeaways for Crypto Users

• Verify wallet addresses character by character — Address poisoning scams rely on visual similarity. Always double-check the full address before sending funds.
• Use hardware wallets for significant holdings — Hot wallets and browser extensions remain vulnerable to supply-chain attacks and malware.
• Be cautious with multisig setups — Multisig wallets are only as secure as their individual signers. Protect private keys with the same rigor as single-key wallets.
• Update software promptly — The Trust Wallet incident shows that malicious updates can be pushed through official channels. Apply security patches immediately when incidents are disclosed.
• Stay informed — The threat landscape evolves constantly. Following blockchain security firms like PeckShield, SlowMist, and ZachXBT provides early warning of emerging threats.

Why This Matters

The 60% drop in December exploit losses is encouraging, but it should not breed complacency. The crypto industry lost more than $2.2 billion to hacks in 2025, and the diversity of attack vectors — from address poisoning to supply-chain compromises to execution layer vulnerabilities — demonstrates that threat actors are becoming more sophisticated, not less. As the ecosystem grows and attracts more capital, the incentive for attackers only increases.

The shift from protocol-level exploits to social engineering and infrastructure attacks suggests that the industry’s investments in smart contract security are paying off, but new attack surfaces are emerging faster than they can be secured. For users, developers, and platforms alike, a layered security approach that addresses both code and human factors is no longer optional — it is essential.

Disclaimer: This article is for informational purposes only and does not constitute financial or security advice. Always verify information through official sources and conduct your own research before making decisions about your cryptocurrency holdings.