Ongoing Exploit Siphons Small Amounts From Hundreds of Crypto Wallets

PeckShield reported that total losses from crypto exploits in December 2025 fell to $76 million, a 60% drop from November's $194.2 million. Despite the overall decline, several significant incidents occurred, including a $50 million address-poisoning scam and a $27.3 million breach involving a multi-signature wallet.

Blockchain security firm PeckShield noted 26 major crypto exploits during the month, including one involving a private key leak in a multisig wallet. Address-poisoning scams, where attackers create lookalike wallet addresses, remained a common attack vector.

Browser-based wallets continue to attract attackers due to their constant online presence. In December, Trust Wallet and the Flow protocol were among the most affected according to Cointelegraph. Using hardware wallets, which store private keys offline, is considered one of the safest methods for long-term asset storage according to Cointelegraph.

Why Did This Happen?

Address-poisoning attacks rely on attackers creating wallet addresses with similar characters to legitimate ones, often by matching the first and last four characters. This technique exploits user inattention when sending funds, particularly when users rely on transaction history according to Global Newswire.

Private key leaks also contributed to December's losses. Multi-signature wallets were compromised when attackers gained unauthorized access. PeckShield highlighted that the breach emphasizes ongoing risks related to key management in multi-signature systems.

How Can Users Protect Themselves?

Security experts recommend several steps to minimize the risk of exploitation. Users should verify the entire destination address before sending funds, avoid using saved transaction histories, and keep private keys offline. Hardware wallets are widely considered the most secure option for storing large amounts of cryptocurrency.

PeckShield also emphasized the importance of staying informed about common attack vectors. Attackers continue to refine techniques, making vigilance and education critical for protecting assets.

What Are Analysts Watching Next?

Industry experts caution that the decline in stolen funds does not necessarily indicate a lasting shift in cybercrime trends. Instead, attackers are likely adapting their methods to exploit new vulnerabilities. Analysts are monitoring the adoption of hardware wallets and improvements in blockchain security practices to gauge whether these measures will reduce overall losses in the future.

The Trust Wallet incident, where $7 million was stolen through its browser extension, has also drawn attention. The company has since delayed the release of an updated browser extension due to issues with the Chrome Web Store. This delay has further emphasized the need for robust supply chain security in crypto wallet development.