December crypto hacks fall 60% as address scams and key leaks drive $76M in losses

Losses from crypto hacks plunged in December, yet a handful of sophisticated attacks still drained $76 million from users and platforms.

Sharp drop in December losses, but big single incidents

Blockchain security firm PeckShield reported that overall crypto hack losses fell by 60 percent in December compared with November, totaling approximately $76 million. However, the decline in total damage masked a trend toward fewer but much larger incidents.

According to PeckShield, there were 26 major hacks during the month. That said, a small number of high-impact attacks, especially scams targeting addresses and private keys, accounted for most of the losses.

Address poisoning scam drives the largest December theft

The biggest single loss came from an address poisoning scam that resulted in a theft of $50 million. In this attack, scammers generated addresses designed to closely resemble a victim’s legitimate wallet, then sent tiny transactions to plant those fake addresses in the victim’s history.

Moreover, the fake addresses typically match the beginning and end of the real one, making them difficult to distinguish at a glance. Victims often copy the wrong address while rushing through a transfer, unknowingly sending funds directly to the attacker.

PeckShield warned that these exploits rely on visual confusion and urgency. The firm advised users to verify every character of a destination address manually and avoid relying solely on past transaction records or copied data when moving funds.

Multi-signature wallet breach exposes key management risks

Another major December incident involved a leaked private key tied to a multi signature wallet, which allowed attackers to steal $27.3 million. Despite the theoretical security benefits of multi-signature setups, weak operational security around key storage created a single point of failure.

The stolen funds represented more than one-third of December’s total losses. However, the case underscored that complex wallet architectures still depend on disciplined key management, including secure generation, distribution, and backup procedures.

Security experts stressed that leveraging hardware solutions and strict operational policies can significantly reduce the risk of large-scale thefts involving shared wallets.

Browser wallet exploit and ongoing extension risks

On Christmas Day, a browser wallet exploit hit the Trust Wallet browser extension, causing losses of around $7 million. The incident reinforced concerns that browser-based wallets remain exposed because of their continuous internet connectivity and interaction with untrusted websites.

Moreover, security firms reiterated guidance that users should limit funds kept in browser extensions and mobile wallets. They recommended hardware devices and cold storage solutions for long-term holdings, highlighting cold storage security as a critical defense layer.

Users were also urged never to share private keys or seed phrases under any circumstances, and to treat any unsolicited request for wallet credentials as an immediate red flag.

Social engineering and phishing remain powerful attack tools

Beyond technical exploits, social engineering continued to generate substantial losses. U.S. authorities charged a Brooklyn man with orchestrating a phishing crypto scam that stole $16 million from nearly 100 Coinbase users.

Prosecutors allege the suspect posed as a Coinbase employee, contacting victims and claiming their funds were at risk. That said, he allegedly directed users to transfer assets to wallets he controlled, using urgency and fear to bypass normal caution instead of exploiting any software vulnerability.

Officials emphasized that no technical breach of Coinbase’s systems occurred. Instead, the case illustrated how persuasive social tactics can be as damaging as direct protocol or wallet exploits.

PeckShield’s outlook on evolving crypto threats

PeckShield concluded that, despite the sharp monthly decline in headline losses from crypto hacks, core security risks remain very much active. The firm noted that major attack vectors now blend technical tricks with psychological manipulation.

Moreover, the company argued that routine practices such as double-checking transaction details, maintaining offline backups, and using hardware devices for cold storage security can prevent many of the most common theft scenarios.

In summary, December’s figures highlight that while aggregate losses dropped, individual incidents grew larger and more targeted, keeping robust security hygiene essential for all crypto users.