On-chain losses of $118 million in December: phishing attacks become the leading killer, and user prevention is urgent

2025-12-31 12:26:11

【Chain News】The on-chain security situation in December 2025 is not optimistic. According to the latest data, security incidents this month alone have caused approximately $118 million in losses.

The most insidious threat is phishing attacks, which dominate the scene, accounting for $93.46 million in losses, nearly 79% of the total. Even more severe is the “address poisoning” tactic—hackers forge addresses to deceive users into transferring funds, with this method alone swallowing $51.85 million.

In addition to phishing attacks, other threats are lurking: wallet theft directly caused $29.44 million in losses, and insider malicious acts resulted in $11.38 million in damages. The most shocking single incident was the Trust Wallet vulnerability scandal, which alone drained $8.5 million.

The most heartbreaking figure is yet to come—the recovered funds amount to only $159,000, with a recovery rate that is almost negligible. This fully demonstrates that on-chain security prevention is no small matter; every participant must stay vigilant.

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

10 Likes

Reward
10
7
Repost
Share

Comment

0/400

RooftopReserver

· 5h ago

Fishing is so intense, 79% of the losses were covered by it? Feels like on-chain security is more exciting than gambling now. Address poisoning is really clever; not double-checking before transferring can really lead to bankruptcy. Recovery rate is only 0.1%, is this number joking with me? Trust Wallet took a pretty big hit this time. Do people still dare to use wallets? Looks like I need to learn how to distinguish fake addresses, or else I might be the next one to get wooled.

View OriginalReply0

ForkPrince

· 5h ago

Address poisoning is really clever. I was wondering why my money kept disappearing as I kept transferring... I lost big this month.

View OriginalReply0

GasFeeNightmare

· 5h ago

1.8 billion gone, 79% caused by phishing... I really hate these scammers, every time it breaks my heart. The address poisoning trick is really clever; I almost fell for it too, luckily I looked a bit closer. Recovery rate is only 0.01%? That's a joke, reporting or not reporting makes no difference. My friend got caught by Trust Wallet during that incident, and he's still losing money now. Why is it always us retail investors who get unlucky? What about the big players? Honestly, there's never been security on the chain; now I have to use a magnifying glass to look at transactions. This data is terrifying; I didn't touch anything in December. Wallet was directly hacked? How do you prevent that? There's really no way out. Quickly check your address book, don't get poisoned. A single transaction of 8.5 million just disappeared—what kind of transaction is that...

View OriginalReply0

0xSherlock

· 5h ago

Damn, these numbers are shocking. 118 million gone, with 79% due to phishing. I need to check my wallet addresses immediately. The address poisoning trick is brilliant, really too easy to fall for. Everyone, be more cautious. Trust Wallet had a major failure this time, losing 8.5 million. It seems few projects are truly secure. Recovering 159,000 is almost like not recovering anything. That’s really frustrating. In the future, think twice before transferring funds, or you’ll lose everything. Wallet theft, internal leaks, phishing—all happening. December is truly a disaster month. This is the most authentic side of Web3—security always comes first. The market is so chaotic right now, you need to be extra careful. Don’t rely on platforms to be trustworthy. 118 million, friends. Another wave of retail investors getting wiped out. It’s really just about not clicking on unfamiliar links. Such a simple principle.

View OriginalReply0

FalseProfitProphet

· 6h ago

Address poisoning is really incredible; you can lose it all in a second. Still, decentralization is necessary...

View OriginalReply0

0xInsomnia

· 6h ago

Address poisoning is truly unbeatable. My colleague was hit once, a painful lesson learned. Phishing scammers are so rampant that they managed to recover 159,000 yuan, which is basically no recovery at all. That 8.5 million from Trust Wallet was directly compromised; who would still dare to use it? There's no way to prevent it, everyone. It's outrageous. 1.18 billion yuan lost in a month, these numbers are becoming more and more unbelievable. Recovery rate approaching zero indicates that on-chain tracking really doesn't work.

View OriginalReply0

RektHunter

· 6h ago

Address poisoning is really sneaky. I have to verify three times every day before I dare to click send. So exhausting. The proportion of wallets being stolen is so high; I still have to use a hardware wallet to feel safe. A loss of 93.46 million—this is just a month's worth of trouble... I'm damn well quitting directly. Recovery rate of 15.9K? Laughable, it's basically nothing recovered. This is a one-way channel. Trust Wallet's vulnerability is too severe; 8.5 million just disappeared like that. By the way, do you still dare to use online wallets now? I really can't hold on. Phishing can't be prevented; on-chain is just a battlefield of chaos. I just want to know where these stolen funds finally went. They must have been washed into new scam capital again. Once December's data comes out, I'll immediately move large amounts to cold wallets. Anyone who believes otherwise is a fool. Address poisoning is too insidious; you can't even tell.

View OriginalReply0