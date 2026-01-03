MENAFN - Crypto Breaking) Crypto Phishing Attacks Decline Sharply in 2025

In 2025, crypto phishing attacks linked to wallet drainers saw a dramatic reduction, with total losses plummeting by 83% to approximately $83.85 million. Despite this downturn, security experts warn that phishing remains a persistent threat, closely tied to market cycles and user activity levels. The year's most active quarter, coinciding with Ethereum 's strongest rally, recorded nearly $31 million in losses, highlighting the ongoing risks within the ecosystem.



Phishing-related losses in crypto declined significantly in 2025, totaling around $83.85 million.

The highest losses occurred during Ethereum 's peak rally in Q3, with $31 million lost.

Largest single phishing theft was $6.5 million via a permit signature attack in September. New attack vectors emerged post-Ethereum upgrades, including EIP-7702-based malicious signatures.

Analysis of 2025 Phishing Trends

Analysis from the Web3 security platform Scam Sniffer reveals that phishing attacks involving wallet drainers dropped sharply, with losses reducing from nearly half a billion dollars in 2024 to approximately $84 million in 2025. The number of victims also fell by 68%, reflecting a gradual improvement in ecosystem security. However, despite the decline, the report emphasizes that phishing remains a significant threat, with activity closely linked to market conditions.

The third quarter marked the peak of phishing losses, coinciding with Ethereum's most robust rally of the year, which attracted increased onchain activity. Monthly losses oscillated from $2.04 million in quieter December to $12.17 million during August's boom period. The report notes that phishing mainly operates as a probability function of user activity-more engagement leads to higher victimization rates.

The most substantial single theft in 2025 involved a $6.5 million permit signature attack in September, underscoring the persistent effectiveness of this attack vector. Additionally, a new threat emerged following the Ethereum upgrade: malicious signatures based on EIP-7702, which exploit account abstraction. August saw two major incidents of this type, resulting in losses of approximately $2.54 million, illustrating how quickly attackers adapt to protocol upgrades.

Interestingly, large-scale incidents declined, with only 11 cases exceeding $1 million, down from 30 in 2024. Nonetheless, cybercriminals increasingly favor lower-value, high-volume schemes, as indicated by the average loss per victim dropping to around $790. This shift points to a focus on retail-level targeting over high-profile raids.

The report concludes that the“drainer ecosystem remains active-while older drainers exit, new ones quickly fill the void,” emphasizing the ongoing need for vigilance amidst evolving attack methods.

December Cybersecurity Harm Substantially Reduced

December 2025 saw a significant drop in crypto-related losses from hacks and exploits, totaling around $76 million, down 60% from November's $194.2 million, according to PeckShield. The month recorded 26 major incidents, including a $50 million address poisoning scam and a $27.3 million leak involving a multi-signature wallet. This downturn suggests improved overall security, although persistent threats remain prevalent.

