In 2025, crypto phishing losses decreased by 83% year-on-year, but the "Wallet Cleansing" ecosystem remains active.

On January 3rd, the Web3 security platform Scam Sniffer reported that losses from crypto phishing attacks related to wallet drainers decreased to approximately $83.85 million in 2025, a significant drop of 83% compared to nearly $494 million in 2024; the number of victims fell to 106, a 68% decrease year-over-year. However, the report pointed out that phishing activities have not disappeared but are highly correlated with market cycles. In Q3 2025, amid a strong rebound of Ethereum, phishing losses reached the highest of the year at $31 million, accounting for nearly 29% of the annual total. Monthly losses were lowest in December at about $2.04 million, and highest in August at $12.17 million. In terms of techniques, Permit / Permit2 authorization phishing remains the most effective tool for attackers. The largest single case in 2025 occurred in September, with a loss of $6.5 million; additionally, with the Ethereum Pectra upgrade, new malicious signature attacks based on EIP-7702 rapidly emerged, with two incidents in August causing a total loss of $2.54 million. Notably, the number of large-scale cases significantly decreased—only 11 cases with losses exceeding $1 million in 2025, down from 30 in 2024—but attackers shifted to a “small amount, high frequency” strategy, with the average loss per victim dropping to $790. Scam Sniffer summarized: “The drainer ecosystem is still operational—old exits, new ones constantly emerging.” Furthermore, PeckShield data shows that in December 2025, crypto hacker and security incident losses amounted to about $76 million, a 60% decrease month-over-month, but attack activities remain frequent.