Криптофишинг в 2025 году: убытки сократились, но угрозы остаются Translation: Crypto Phishing in 2025: Losses Decreased, but Threats Remain

The amount of funds stolen through phishing attacks has dropped by 83%, totaling $83.85 million in 2025, according to a report by SlowMist.

In 2024, this figure reached $494 million. The number of affected users has also declined, with 106,106 individuals falling victim to cybercriminals, representing a 68% decrease from the previous year.

Analysts found a direct correlation between market activity and the success of attacks. The peak of thefts occurred in the third quarter, coinciding with an Ethereum rally. In August and September, scammers accounted for about 29% of the annual total stolen (over $31 million).

In the fourth quarter, as the market cooled, the activity of drainers plummeted to a minimum, causing only $2.04 million in losses in December.

Key attack methods include:

The largest single theft of the year occurred in September, when a user lost $6.5 million due to a fake Permit signature.

Experts have cautioned that a decrease in figures does not mean the threat has vanished. The ecosystem of drainers is evolving, exhibiting a split between mass phishing targeting retail users and sophisticated attacks on major projects.

*“If the markets recover, hacker activity is likely to rise along with them,”* the researchers emphasized.

Despite the decline in phishing drainer activity, the overall damage to the crypto industry surged significantly in 2025. SlowMist analysts recorded 200 security incidents with total losses amounting to $2.935 billion.

For comparison, there were twice as many attacks in 2024 (410), but the stolen amount was lower, at $2.013 billion. The year’s trend shows that while the number of breaches is decreasing, the «average check» and severity of consequences are rising.

Ethereum remained the most targeted ecosystem, suffering $183 million in losses. It was followed by Solana and Arbitrum, each facing losses of around $17 million.

In 2025, the focus of attacks shifted from decentralized protocols to large centralized platforms (CeFi).

The DeFi sector still leads in the number of incidents (126 hacks, accounting for 63% of the total). However, the overall damage in this direction decreased by 37% to $649 million.

There were only 22 incidents in the CeFi segment, but losses were massive—$1.8 billion.

The main «event of the year» was the hacking of the Bybit exchange, where attackers made off with assets worth $1.46 billion. Experts linked the attack to North Korean hackers.

The top three incidents also included attacks on Cetus Protocol ($230 million) and Balancer V2 ($121 million).

Hackers are increasingly shifting away from technical hacks in favor of manipulating individuals. The report identified key schemes:

Cybercriminals target software supply chains, infecting multiple users at once.

Artificial intelligence has become a powerful tool for scammers. Deepfake technology is used to create videos featuring famous personalities endorsing scam projects.

There have been cases of corporate fraud: an employee of a Hong Kong company transferred large sums to criminals after a video conference where all his «colleagues» and «bosses» were generated in real-time by a neural network.

Moreover, hackers utilize AI models (like Gemini or Claude) to write and continuously modify malicious code in order to evade antivirus systems.

It is important to note that since the beginning of the year, hackers have stolen cryptocurrencies valued at over $3.4 billion, according to Chainalysis.