Perdas por phishing em criptomoedas despencam 83% - O que está por trás da queda histórica?

O cenário da segurança cripto acaba de registrar uma reviravolta impressionante. Após anos de ataques sofisticados e prejuízos bilionários, os números mostram uma redução que surpreende até os analistas mais otimistas.

Mudança de Paradigma na Defesa Digital

Plataformas implementaram camadas de autenticação que cortam tentativas de invasão antes mesmo do primeiro clique. Sistemas de monitoramento em tempo real agora detectam padrões suspeitos e bloqueiam transações fraudulentas automaticamente. A educação do usuário—aquele fator humano sempre vulnerável—ganhou investimentos pesados em simulações e alertas proativos.

A Resposta dos Protocolos

Cadeias principais atualizaram mecanismos de consenso para invalidar transações maliciosas em minutos, não dias. Smart contracts incorporaram verificações que impedem drenagens de carteiras mesmo com chaves comprometidas. A descentralização, ironicamente, encontrou seu equilíbrio com sistemas centralizados de vigilância—uma contradição que os puristas detestam, mas que os números comprovam.

O Fator Regulatório (Sim, Ele Ajudou)

Exigências de compliance forçaram exchanges a adotar padrões antes considerados burocráticos demais para o mundo cripto. A FSA japonesa e outras agências globais estabeleceram protocolos que, pasmem, reduziram incidentes sem estrangular a inovação. Até os bancos tradicionais—aqueles mesmos que há cinco anos chamavam Bitcoin de fraude—agora emprestam suas estruturas de segurança para parcerias híbridas.

A queda de 83% não é acidente. Representa maturidade tecnológica, investimento agressivo e uma lição duramente aprendida: na corrida entre criadores e destruidores de valor, a vantagem finalmente mudou de lado. Resta saber se Wall Street notará—afinal, eles ainda estão ocupados descobrindo como tokenizar títulos do século passado.

Crypto market valuation declines ‘sends away’ phishing scammers

Per Scam Sniffer’s analysis and chart data tracking the first quarter, when markets were declining, losses stood at $21.94 million, affecting slightly over 22,000 victims. When markets began to recover in the second quarter, phishing losses declined to $17.78 million from about 21,000 victims.

The third quarter was the most dangerous period for market participants because several assets had witnessed strong rallies, including Bitcoin, which peaked at $123,000, and Ethereum, which hit its all-time-high price at $4,946 in August. The price charge and bull market environment came with a surge in phishing activity, pushing losses to $31.04 million and impacting 40,000 victims. 

August and September alone accounted for 29% of total annual losses, making the quarter the most active for attackers. However, the last quarter of the year saw a pullback in phishing losses that fell to $13.09 million, by far the quietest part of 2025. 

Permit / Permit2 leads signature phishing theft methods 

The biggest single phishing theft last year resulted in a $6.5 million loss in September, where hackers made away with staked ether and wrapped bitcoin derivatives. The attackers used a method known as the Permit-style signature, a feat that made up 38% of losses among cases exceeding $1 million. 

Permit/Permit 2 signatures allow token spending approvals without direct transfers, which attackers take advantage of by disguising malicious permissions to appear as legitimate prompts and trick token holders into accepting them without question.

Other cases included a $3.13 million theft of wrapped Bitcoin in May using an approval escalation technique, and a $3.05 million loss of stablecoins in August through a direct transfer exploit. Yet, only 11 cases exceeded $1 million in the year, down from 30 the year before.

The data also showed a decline in the average loss per victim, which fell to $790, down from nearly $1,500 last year.

While the report focused on signature-based wallet drainer attacks, one of the most unforgettable cases occurred in February, when the Lazarus Group compromised a developer machine through a multisignature wallet provider within the Bybit crypto exchange. A malicious code was injected into a signing interface, enabling attackers to spoof legitimate approvals and steal approximately $1.46 billion.

Supply chain attacks were also among the most prevalent methods used, with attackers stealing developer credentials through phishing emails and injecting malicious code into open-source packages, backdooring hundreds of software libraries, and exfiltrating private information and security credentials.

Other campaigns phishing hackers used included compromised front-end interfaces, hijacked social media accounts, and spreading malware to steal private keys and authentication data. 

2025 closed with Google Task notification phishing abuse

In other news, the year ended with a sophisticated email phishing campaign in December, as hackers targeted more than 3,000 organizations in manufacturing by abusing Google’s cloud-based infrastructure.

Several users reported receiving emails that appeared as genuine task notifications, prompting recipients to complete an urgent “All Employees Task.” Victims who clicked buttons labeled “View task” or “Mark complete” were redirected to malicious pages hosted on trusted cloud storage services.

Because the messages were sent using legitimate application integration tools, they passed all major email authentication checks and walked past security gateways undetected. 

The smartest crypto minds already read our newsletter. Want in? Join them.