Crypto-related signature phishing losses fell sharply in 2025, but the threat remained closely tied to market activity, according to a new annual analysis of wallet drainer attacks across EVM-compatible blockchains.
Total losses from signature phishing reached $83.85 million in 2025 across 106,106 victims, an 83% decline in losses and a 68% drop in victims compared with 2024.
The data shows a significant improvement from the previous year, when signature phishing drained roughly $494 million from users. However, analysts cautioned that the decline does not signal the disappearance of the threat.
Instead, phishing activity continues to function as a probability-driven risk that scales with overall user participation during active market periods.
The largest single theft in 2025 totaled $6.5 million and occurred in September through a malicious Permit signature. Permit signatures remained the dominant attack vector throughout the year.
New risks also emerged following Ethereum’s Pectra upgrade, with attackers exploiting EIP-7702 batch signatures in August to bundle multiple malicious actions into a single approval. While only two large cases were linked to EIP-7702, they collectively resulted in more than $2.5 million in losses, highlighting how quickly adversaries adapt to protocol changes.
Losses peaked during periods of heightened market activity. The third quarter accounted for nearly 29% of total annual losses, coinciding with Ethereum’s strongest rally of the year.
August and September alone recorded more than $23 million in stolen funds, underscoring the correlation between rising prices, increased onchain activity, and higher exposure to phishing scams.
In contrast, the fourth quarter saw losses fall to just $13.09 million, with December marking the quietest month at $2.04 million as market momentum cooled.
Despite the improvement in headline figures, analysts emphasized that signature phishing remains only one part of a broader threat landscape.
Major incidents in 2025 included large-scale supply chain attacks, frontend compromises, social media account hijackings, and the $1.46 billion Bybit breach linked to a developer machine compromise, dwarfing annual phishing losses.
Overall, the report suggests that while better awareness and tooling may be reducing average losses, phishing risks will likely resurface during future market rallies, reinforcing the need for continued user education and wallet-level safeguards.