**Crypto Hack Counts Fall But Supply Chain Attacks Reshape Threat Landscape**

The world of cryptocurrency has seen a significant shift in the way hackers operate, with a notable decline in code vulnerabilities and an increase in sophisticated supply chain attacks.

According to new data from blockchain security firm CertiK, the total number of crypto hacks fell sharply in 2025, with losses concentrated in fewer, more complex supply-chain exploits. Despite this drop in incident counts, the amount lost per hack increased by a significant 66%, reaching an average of $5.3 million.

The most damaging threat emerged as supply chain breaches, accounting for a staggering $1.45 billion in losses across just two incidents. The Bybit hack in February, which saw hackers make off with $1.4 billion, is seen by CertiK as a signal that well-capitalized and coordinated threat actors are becoming increasingly active across the ecosystem.

As attackers target more infrastructure providers, the "sophistication" of supply chain attacks is expected to rise. In fact, CertiK predicts that these types of attacks will become even more prevalent in the coming months.

**A Shift Away from Code Vulnerabilities**

The decline in incident counts and a drop in median theft sizes suggest that protocol-level security is improving, pushing attackers away from simple code vulnerabilities and toward more complex tactics like phishing and infrastructure-level attacks.

Phishing scams have emerged as the second-largest threat, with crypto investors losing a cumulative $722 million across 248 incidents. These types of scams often involve prolonged emotional manipulation, such as "pig butchering" scams, where con artists use artificial intelligence to convince investors to transfer their funds.

**The Rise of Pig Butchering Scams**

Pig butchering scams are a subset of phishing scams that have cost the industry a collective $5.5 billion in 2024, across 200,000 individual cases. Notably, the average grooming period for victims is between one and two weeks in 35% of cases, while 10% of scams involve grooming periods of up to three months.

In June, the US Department of Justice announced the seizure of over $225 million in crypto linked to pig butchering scams. This highlights the growing concern around these types of scams and the need for increased awareness among investors.

**Conclusion**

The data from CertiK suggests that while total losses remain elevated, the decline in incident counts and a drop in median theft sizes indicate improving protocol-level security. However, as attackers become more sophisticated, it's essential for investors to stay vigilant and take steps to protect themselves against supply chain attacks and phishing scams.

As the crypto landscape continues to evolve, one thing is clear: the threat of hacking and scamming remains a significant concern. It's essential for investors to stay informed and adapt their strategies to combat these emerging threats.