Hackers caused $76 million in damage to crypto industry in one month

Hackers caused $76 million in damage to crypto industry in one month
How much did hackers steal in December 2025

​In December, total losses across the crypto industry from hacks amounted to about $76 million — a 60% drop compared with November, when damages were estimated at $194.2 million. This was reported by blockchain security firm PeckShield.

A total of 26 major incidents occurred in December. The most notable case involved a user losing $50 million due to an address poisoning scam. This type of attack involves an attacker sending small amounts of cryptocurrency to a victim from a wallet address that closely resembles a legitimate recipient’s address. The idea is simple: the victim fails to notice the difference and eventually sends funds to the fraudulent address by mistake.

Typically, the first and last four characters of the addresses match, with attackers hoping the victim will select the “poisoned” address from their transaction history without carefully checking the full string.

Another user lost approximately $27.3 million due to a private key leak during a multisignature wallet hack, PeckShield noted.

Although the decline in total stolen funds is a positive sign, users should remain highly cautious and continue following basic security practices to avoid falling victim to common scams.

How to reduce the risk of crypto attacks

Among the most notable incidents in December, PeckShield highlighted the Christmas Trust Wallet hack, which resulted in $7 million in user losses, as well as an attack on the Flow protocol that caused roughly $3.9 million in damages.

In the case of Trust Wallet, the vulnerability affected its browser extension. Browser-based wallets are constantly connected to the internet, and this design can increase exposure to certain cybersecurity threats.

One of the safest storage options remains hardware wallets — offline devices similar to USB drives that keep private keys completely disconnected from the internet.

The risk of address poisoning scams can be almost entirely eliminated by carefully checking every character of the destination address multiple times, rather than briefly glancing at it or selecting an address from transaction history.

As a reminder, the largest crypto hack of last year was the attack on the Bybit exchange.

This material may contain third-party opinions, none of the data and information on this webpage constitutes investment advice according to our Disclaimer. While we adhere to strict Editorial Integrity, this post may contain references to products from our partners.
Weekly Top Bonuses
up to $2,500
deposit bonus for all clients
CLAIM BONUS
Your capital is at risk.