December crypto security incidents decreased by 60% month-on-month, but a major case involving 50 million USD is still ongoing

By December 2025, the security situation in cryptocurrencies has shown a significant improvement. According to the latest reports, PeckShield’s December security incident statistics indicate that approximately 26 major attack events occurred this month, resulting in total losses of about $76 million, a decrease of over 60% compared to $194.27 million in November. What does this data reflect?

Significant Reduction in Losses

From the data, the loss scale in December is less than half of November’s. This may reflect several changes: first, the frequency or severity of security incidents has eased; second, market participants’ security awareness has increased; third, some wallets and project security measures have been updated and taken effect.

Specific Attack Case Analysis

Although overall losses have decreased, the destructive power of individual incidents remains significant:

The two most severe cases

The largest losses stem from two major incidents. One wallet address 0xcB80…819 suffered a loss of $50 million due to address poisoning, making it the most serious single event in December. Address poisoning is a common social engineering attack where attackers forge addresses to trick users into transferring funds.

Another incident involved multi-signature wallet 0xde5f…e965, which lost $27.3 million due to private key leakage. Such events typically indicate that the wallet’s security defenses have been breached, and multi-party signing mechanisms have failed to fully prevent fund outflows.

Other major losses

Besides these two major cases, December also saw multiple incidents involving losses in the millions:

• babur.sol project: $22 million
• TrustWallet: $8.5 million
• UnleashProtocol: $3.9 million
• flowblockchain: $3.9 million

These incidents involve project attacks, wallet thefts, smart contract vulnerabilities, and more, reflecting security risks across various parts of the ecosystem.

Diversity of Attack Types

From December’s cases, the main attack methods include:

• Address poisoning (social engineering)
• Private key leakage (poor key management)
• Project attacks (possibly involving contract vulnerabilities or operational issues)
• Wallet theft (potentially involving device security or social engineering)

This indicates that no single “silver bullet” can solve all security issues; users and project teams need to strengthen protections across multiple dimensions.

Situation Assessment

The 60% month-over-month decrease suggests an overall improvement in crypto security. However, this does not mean risks have disappeared; rather:

1. The loss amount per incident remains huge (e.g., $50 million from a single wallet), indicating high-value targets still attract attackers.

2. The occurrence of 26 major events shows that security risks are normalized and will not be entirely eliminated.

3. Different attack types (address poisoning, private key leaks, etc.) continue to happen, requiring comprehensive protective measures.

Summary

The significant decline in losses from security incidents in December is a positive signal. However, the reality behind the data is that, although overall losses have decreased, attacks are still frequent, and individual incidents can be devastating. For users, this serves as a reminder that improvements in data do not mean complacency. Basic risks like address poisoning and private key leaks still exist; maintaining security awareness and adhering to operational best practices remain the first line of defense.