Phishing Losses Fall 83% in 2025 — but EIP-7702 Exploits and Lazarus Show Risk Remains

Phishing losses in crypto plunged in 2025, but experts warn the danger hasn’t gone away. Web3 security firm Scam Sniffer reports total phishing-related losses in 2025 of $83.85 million across 106,106 victims — declines of about 83% and 68% respectively versus 2024. Large thefts (above $1 million) fell to 11 incidents, down from 30 the year before. The single biggest recorded heist was a $6.5 million permit-signature attack in September, roughly eight times smaller than 2024’s largest theft. Why the drop doesn’t equal safety Scam Sniffer cautions that lower dollar figures largely mirrored the crypto market cycle: when user activity contracts, absolute losses tend to fall too. Monthly totals ranged from $2.04 million in December to a peak of $12.17 million in August. Q3 — the busiest market period — accounted for about 29% of yearly losses (roughly $31 million), while Q4 cooled to about $13 million. New and continuing technical risks Signature-phishing attacks — where users are tricked into signing transactions or permits that drain wallets — remain a core threat. In 2025, Scam Sniffer flagged EIP-7702 exploits as an emerging vector. Leveraging account abstraction introduced by the Pectra upgrade (May 2025), attackers can now bundle multiple malicious operations into a single signature; two August incidents tied to EIP-7702 caused $2.54 million in losses. Permit and Permit2 signature types still dominate the large-case tally, accounting for $8.72 million across three major incidents (about 38% of large-case losses). High-profile breaches outside signature phishing Scam Sniffer also highlighted large, non-signature incidents that underscore diversified attacker strategies. Notably, the Lazarus group’s February breach—compromising a Safe (multi-sig) developer machine and pushing a fake multi-sig interface—resulted in roughly $1.46 billion in losses. What this means for users and the industry The decline in trackable signature-phishing losses may reflect lower market activity, better user hygiene in some areas, or — alarmingly — a shift toward harder‑to‑trace vectors such as private-key exfiltration and targeted social engineering. With an average loss per victim of roughly $790, Scam Sniffer’s analysis implies that attackers are adapting their tooling and tactics even as headline totals fall. Bottom line: reported phishing dollars are down, but the threat landscape is evolving. Continued vigilance, better wallet UX, stronger dev security, and monitoring for novel exploit patterns like EIP-7702 remain critical as attackers refine stealthier methods. Read more AI-generated news on: undefined/news