According to PeckShield, losses from crypto hacks dropped by about 60% in December, slipping to roughly $76 million from about $194 million in November.
That sharp month-to-month decline was driven by fewer large-scale heists, but the damage that did occur was still significant. Reports have disclosed a mix of scams and technical failures that together made December anything but risk-free.
December Losses Fall 60%
PeckShield tracked roughly 26 major exploits during the month. The largest single hit was an address poisoning scam that took about $50 million. In that scheme, victims were tricked into sending funds to an address that looked almost identical to a legitimate one.
Other large losses included a $27 million drain from a multi-signature wallet tied to a private key leak, about $7 million tied to a Trust Wallet exploit, and roughly $3.9 million linked to issues involving the Flow protocol. These figures were reported across multiple outlets and match the totals PeckShield compiled.
#PeckShieldAlert December 2025 witnessed ~26 major crypto exploits, resulting in total losses of ~$76M.
This figure represents a decrease of over 60% from November’s total of $194.27M, marking a significant reduction in monthly losses.
Notably:
🔺Wallet 0xcB80…819 lost $50M… pic.twitter.com/CNW3R6646j— PeckShieldAlert (@PeckShieldAlert) January 1, 2026
Major Scams Still Cause Big Damage
Address poisoning stood out because it relies on human error rather than a broken protocol. A small mistake — copying the wrong address — could wipe out a large transfer.
Trust Wallet’s loss was linked to a browser extension weakness that allowed attackers to move funds. In some cases, reimbursements were being discussed by affected services.
Reports have disclosed that private key exposure, even in wallets meant to be secure, continues to be a common root cause of big losses.
Some experts say the fall in dollar losses reflects fewer massive breaches, not a vanishing of threats. Security teams have been more active, and some wallets tightened checks.
But the methods used by attackers did not disappear. Scams that prey on mistakes, like the address trick, are still in play, and sophisticated intrusions remain possible.
It was observed that a handful of incidents accounted for the bulk of December’s total, which helps explain the large swing in monthly totals.
Close monitoring into these trends by regulators and other stakeholders like platform operators will continue as well. There have been growing pressures to provide better protections for exchanges and other wallets when there has been a breach; and for more timely actions after the compromise has been identified.
Featured image from Unsplash, chart from TradingView
