- Annual phishing losses tied to wallet drainers fell 83% to $83.9 million in 2025.
- The number of victims dropped to 106, a 68% decline from 2024.
- Permit-based approvals remained a top attack tool, and a single September Permit theft totaled $6.5 million.
- New EIP-7702–based malicious signatures emerged after the Pectra upgrade, causing $2.54 million in August losses.
- Large incidents fell to 11 cases over $1 million, while average loss per victim fell to $790, reflecting a shift to lower-value, higher-volume attacks.
Scam Sniffer reported that crypto phishing attacks tied to wallet drainers dropped sharply in 2025, with total losses falling to $83.9 million from nearly $494 million the prior year across Ethereum Virtual Machine chains. Victim counts fell to 106, and the platform linked the decline to reduced onchain activity as markets cooled.
Losses tracked market cycles, peaking in the third quarter during Ethereum’s strongest rally; Q3 accounted for $31 million, or about 29% of annual losses. Monthly totals ranged from $2.04 million in December to $12.17 million in August, showing spikes during active market periods. “When markets are active, overall user activity increases, and a percentage fall victim — phishing operates as a probability function of user activity,” the report stated.
The largest single theft in 2025 was a $6.5 million Permit signature attack in September, underscoring that Permit and Permit2 approvals remain effective tools for attackers. Permit-based attacks made up 38% of losses among incidents exceeding $1 million. At the same time, attackers introduced a new vector using EIP-7702 signatures after the Pectra upgrade, bundling multiple harmful actions into one user signature; two major EIP-7702 cases in August caused $2.54 million in losses.
Large-scale incidents declined to 11 cases over $1 million, down from 30 in 2024. Attackers increasingly favored many lower-value drains; the average loss per victim fell to $790. “The drainer ecosystem remains active — as old drainers exit, new ones emerge to fill the gap,” the report concluded.
Separately, blockchain security firm PeckShield recorded about $76 million in hack and exploit losses in December, a 60% drop from November’s $194.2 million, with 26 major incidents that month. The largest December cases included a $50 million address-poisoning scam and a $27.3 million private key leak tied to a multi-signature wallet.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
