- December crypto losses fell 60% month over month, but a few large breaches still dominated total damage.
- Address poisoning and private key leaks accounted for most losses, highlighting user-side security risks.
- Social engineering scams, not technical hacks, drove major thefts targeting Coinbase users.
Cryptocurrency-related losses declined in December 2025, despite several high-value security incidents being reported. According to blockchain security firm PeckShield, total losses from 26 major crypto exploits reached approximately $76 million during the month. That figure represents a 60% decrease from November’s reported $194.27 million, reflecting a quieter period in aggregate terms while still being impacted by a small number of severe breaches.
PeckShield’s data shows that just two incidents drove the majority of December’s losses. The largest involved a single wallet address that lost roughly $50 million in an address poisoning attack. In this type of scam, attackers send small transactions from wallet addresses that closely resemble legitimate ones. Victims may later copy the fraudulent address from their transaction history, mistakenly redirecting funds to the attacker.
These attacks rely on visual similarity rather than technical exploits. Typically, the beginning and end characters of the fake address match the real one, making errors difficult to detect during routine transfers. Once funds are sent, transactions are irreversible.
Another major loss stemmed from a private key leak affecting a multi-signature wallet, resulting in approximately $27.3 million in stolen assets. PeckShield noted that the incident highlights a continuing vulnerability in key management, even in setups that require multiple approvals.
Additional Exploits Reported During the Month
Beyond the two largest cases, several other incidents contributed to December’s total. PeckShield identified losses of about $22 million linked to the babur.sol project and approximately $8.5 million involving Trust Wallet.
Another reported breach affected the Flow protocol, where attackers extracted roughly $3.9 million. PeckShield’s findings indicate that browser-based wallets remain frequent targets due to their constant internet connectivity.
Separate Case Targets Coinbase Users
In a separate development, U.S. prosecutors charged a 23-year-old Brooklyn resident, Ronald Spektor, in connection with an alleged $16 million cryptocurrency scam targeting users of Coinbase.
According to authorities, Spektor allegedly impersonated a Coinbase employee and contacted victims, claiming their funds were at immediate risk. Prosecutors stated that he pressured individuals to transfer assets to wallets under his control, employing social engineering tactics rather than technical hacking methods.
Related: DOJ Confirms $15M Seizure Linked to APT38 After 2023 Crypto Thefts
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
Source: https://coinedition.com/december-crypto-losses-fall-despite-high-impact-security-incidents/
