Crypto Hack Losses Drop 60% to $76 Million in December: PeckShield
Crypto journalist
We are there
Crypto journalist
Share
Crypto-related hacking and cyber security exploits fell sharply in December, falling 60 percent to $76 million per month, according to blockchain security firm PexShield.
Key Takeaways:
Crypto hack losses fell 60% to $76 million in December, down significantly from November's figure.
A single address poisoning scam caused $50 million in losses, making it the biggest crypto exploit of December.
PeckShield warns that persistent threats such as key leaks and browser exploits still pose serious risks.
This figure represents a significant decrease from November's $194.2 million.
Address Poisoning Scam Causes $50M in Losses in December Crypto Exploits
PeckShield observed major crypto exploits on December 26, with a few instances accounting for most losses. The largest was one user who lost $50 million in an address poisoning scam.
In such attacks, threat actors send small transactions from wallet addresses that appear to be legitimate, hoping that victims will mistakenly copy or select the spoofed address during transmission.
These scams often rely on visual similarities. Typically, the first and last few characters of a fake address match the real one, causing users to miss subtle differences when scanning transaction histories. Attackers take advantage of that inattention to irreversibly divert funds.
Another private key breach in December involved a multi-signature wallet, resulting in a loss of approximately $27.3 million.
The PeckShield breach highlights persistent concerns around key management, including for wallets that rely on multiple approvals for transactions.
While the overall drop in stolen funds appears encouraging, security experts warn that it does not represent a lasting change.
PeckShield pointed to several notable attacks during the month, including a Christmas Day exploit targeting the Trust Wallet browser that cost about $7 million, as well as a $3.9 million hack on the Flow protocol.
Browser-based wallets remain a common target for attackers due to their constant internet connection. In contrast, hardware wallets designed to store private keys, offline devices, are considered one of the most secure options for long-term asset storage, a distinction often highlighted by security researchers and outlets like Cointelegraph.
PeckShield says users can greatly reduce their exposure to common exploits by taking basic precautions.
These include validating every character of a destination address before sending funds, not relying on saved transaction histories, and taking private keys offline whenever possible.
Brooklyn man targets Coinbase users in $16M crypto scam
US prosecutors have reportedly charged 23-year-old Brooklyn resident Ronald Spector with a phishing and social engineering scheme that stole nearly $16 million in cryptocurrency from 100 Coinbase users.
According to the Brooklyn District Attorney's Office, Spektor posed as an employee of Coinbase and contacted victims, telling them their money was in immediate danger and pressuring them to transfer the crypto he controlled to wallets.
Officials said the plan was based on terror tactics rather than technical hacks. Spektor, who operates under the online alias “lolimfeelingevil,” warned victims of recent thefts to avoid suspicion and make quick decisions.
Trending news, recommended popular crypto topics, price predictions
