Las tasas de pérdida por el phishing criptográfico cayeron un 83% en 2025, pero el ecosistema del agujero de la cartera 'se mantiene activo'

Crypto phishing losses tied to wallet drainers

, dropping to $83.85 million from nearly $494 million in 2024. The number of victims also declined significantly to 106, a 68% drop year over year . Despite the decrease, the report warned that phishing activity remained active, closely following market trends and exploiting periods of heightened onchain activity .

The drop in losses corresponded with a cooling of the crypto market, but phishing attacks remained a cyclical threat, surging during market rallies. The third quarter of 2025 saw the highest phishing losses at $31 million,

. Monthly losses ranged from $2.04 million in December to $12.17 million in August, .

The largest single phishing incident in 2025 was a $6.5 million loss in September,

. Permit-based attacks accounted for 38% of losses in incidents exceeding $1 million .

Why Did This Happen?

Phishing activity remained active in 2025, but the nature of attacks evolved. Larger-scale incidents declined, with only 11 cases exceeding $1 million in 2025,

. Attackers increasingly favored smaller, higher-frequency strategies, .

The report noted that phishing activity is highly correlated with market conditions. When onchain activity is high, more users are exposed to potential phishing risks

. The report warned that phishing is a "probability function of user activity," and thus, market volatility directly impacts the likelihood of successful attacks .

What Are Analysts Watching Next?

A new attack vector emerged in 2025 with the implementation of EIP-7702. Shortly after Ethereum's Pectra upgrade, attackers exploited account abstraction to bundle multiple harmful actions into a single user signature

. Two major EIP-7702 cases in August 2025 resulted in $2.54 million in losses, .

Scam Sniffer emphasized that the wallet drainer ecosystem remained active, with old players exiting and new ones entering the space

. Despite a drop in trackable losses, the report suggested that phishing attacks may have shifted to more sophisticated, harder-to-track methods, such as private key compromises and targeted social engineering .

How Is the Industry Responding?

The broader threat landscape saw a shift in tactics,

and frontend exploits. In a separate report, SlowMist noted that 2025 saw total crypto hack losses of $2.935 billion, a 46% increase from 2024, despite a 51% drop in the number of incidents . DeFi remained a primary target, with 126 incidents and $649 million in losses .

Centralized exchanges also experienced significant breaches, with Bybit suffering a $1.46 billion loss in February 2025,

. The report highlighted that attackers increasingly targeted high-value, centralized chokepoints rather than low-value, high-frequency attacks .

Regulatory enforcement also intensified in 2025,

in stolen funds across 18 major incidents. Anti-Money Laundering (AML) and Know Your Customer (KYC) protocols became baseline requirements for platforms operating in the crypto space .

Outlook for 2026

Despite a reduction in phishing losses, the threat persists and evolves. The report noted that attackers are adapting to protocol upgrades and shifting toward more sophisticated methods, such as AI-driven social engineering and malware-as-a-service models

.

Scam Sniffer advised that wallet security integration and user education remain critical defenses against phishing attacks

. As the market moves into 2026, the report warned that phishing activity may rise again with increased onchain activity, particularly during market rallies .

The decline in trackable losses may also reflect a shift toward less visible attack vectors, such as private key compromises and targeted phishing campaigns

. The threat landscape is now bifurcated: mass phishing for retail users and sophisticated, high-value attacks for institutional targets .

The numbers may have changed, but the threat remains active. As attackers continue to evolve, the crypto industry must remain vigilant in defending against emerging risks

.