Cyvers has released its interactive annual report on on-chain security incidents and fraud activity in 2025. The report is presented as a data-driven summary of how money moved, where defenses failed, and why “fraud plus hacks” must be treated as a combined threat surface rather than two separate issues.
The timing is part of the story. When markets turn volatile, the chance of incidents increases, but so does the urgency of users. A report that puts hard numbers next to attack patterns tends to spread well across exchanges, wallets, and compliance teams because it turns vague fears into measurable exposure.
The two headlines
Cyvers' core framing is straightforward:
- Fraud-related flows dwarf classic “hacks.”
- Most hacking losses are still due to access control failures, not exotic smart contract bugs.
Coverage summarizing the report highlights two top numbers for 2025:
- About $16 billion related to fraudulent activities
- Around $2.5 billion lost to hacks
What “$16 billion in fraud” usually means
Fraud is not a single tactic. It is a supply chain of persuasion, identity and payout rails.
Under Cyvers' framing, “fraud-related” activities include schemes involving social engineering and deception, including authorization fraud, in which victims approve transactions or relinquish control without realizing it.
Summaries of the report point to three scale signals that matter to platforms:
- Over 4.2 million fraudulent transactions
- Around 780,000 addresses involved
- Around 19,000 active scam networks
These numbers support the “industrialized” narrative: fewer individual actors, more repeatable playbooks, more network effects.
Why authorization fraud is so effective
Authorization fraud defeats many security measures because the transaction appears legitimate.
The victim signs -> the chain validates -> the funds move.
This creates a gap between what compliance teams report and what users perceive as “hacked.” It also explains why pig butchering is reported so often: the fraud is slow, relationship-oriented and designed to siphon off large sums of money over time.
The $2.5 Billion Hacks Story: Access Control Still Wins
If fraud is the larger number, hacks are the sharper lesson.
Report summaries indicate that almost all hack losses in 2025 were due to access control failures: compromised keys, permission misconfigurations, and human error in privileged operations.
A common simplification is: “Smart contracts are insecure.” The counterpoint suggested in the report is rather that operational governance is the soft underbelly.
In the report summaries, the breakdown is usually given as follows:
- Over $2.2 billion is attributed to access control attacks
- Approximately $292 million is attributed to vulnerabilities in smart contracts and code
Why access control failures dominate
Access control failures are an enormous lever because they sit on top of everything else.
If an attacker gains signing authority or privileged permissions, they can:
- Upgrade contracts
- Divert funds
- Drain hot wallets
- Change whitelists
- Change bridge or oracle settings
For this reason, “basic” controls such as key custody, multi-signature policies, and role-based access reviews can matter more than marginally better auditing.
Newer attack patterns that keep cropping up
The report coverage also reflects a trend that has been under way for years: attackers are increasingly targeting the context surrounding the contract, not only the contract.
Frequently mentioned examples are:
- Supply chain compromises
- Frontend and DNS attacks
- Social engineering targeting operational personnel
- Transaction flows that initially look valid because the signatures are real
One reason this is underestimated is that it doesn't look like an exploit. It looks like business as usual until the loss is already final.
What exchanges, wallets and projects can do now
Cyvers’ data suggests a clear prioritization: reduce the blast radius of “valid but unsafe” actions.
Exchange and custody controls
- Reduce hot wallet exposure and segment by risk level
- Enforce withdrawal allow lists for treasury wallets
- Add real-time anomaly detection for new destination clusters
- Tighten privileged access paths for operational personnel
Smart contract and protocol operations
- Use least-privilege roles and short-lived permissions
- Require multi-party approvals for upgrades and parameter changes
- Monitor privileged calls and enforce policies at runtime
- Conduct continuous access reviews, not quarterly checklists
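The runtime checks in this list can be expressed as a default-deny policy gate in front of privileged calls. This is an added example, not code from Cyvers or the report; the action names, signer set, approval thresholds and sample calls are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed policy: distinct approvals required per privileged action.
REQUIRED_APPROVALS = {"upgrade_contract": 3, "set_oracle": 2, "update_whitelist": 2}
APPROVERS = {"alice", "bob", "carol", "dave"}  # hypothetical signer set

@dataclass(frozen=True)
class RoleGrant:
    holder: str
    actions: frozenset
    expires_at: int  # unix seconds; grants are short-lived by design

@dataclass(frozen=True)
class PrivilegedCall:
    caller: str
    action: str
    timestamp: int
    approvers: tuple = ()

def evaluate(call, grants):
    """Return (allowed, reason) for one privileged call; default is deny."""
    need = REQUIRED_APPROVALS.get(call.action)
    if need is None:
        return False, "action not covered by policy"
    live = [g for g in grants
            if g.holder == call.caller and call.action in g.actions
            and g.expires_at > call.timestamp]
    if not live:
        return False, "caller has no unexpired grant for this action"
    # Count distinct, recognised approvers; the caller cannot approve their own call.
    valid = (set(call.approvers) & APPROVERS) - {call.caller}
    if len(valid) < need:
        return False, f"{len(valid)} of {need} approvals"
    return True, "ok"

GRANTS = [RoleGrant("alice", frozenset({"upgrade_contract"}), expires_at=2_000)]
CALLS = [  # constructed sample calls
    PrivilegedCall("alice", "upgrade_contract", 1_500, ("bob", "carol", "dave")),
    PrivilegedCall("alice", "upgrade_contract", 1_500, ("alice", "bob", "bob")),
    PrivilegedCall("alice", "upgrade_contract", 2_500, ("bob", "carol", "dave")),
    PrivilegedCall("alice", "drain_hot_wallet", 1_500, ("bob", "carol", "dave")),
]

if __name__ == "__main__":
    for c in CALLS:
        print(c.action, c.timestamp, evaluate(c, GRANTS))
```

Every denied call carries a reason string, which doubles as the monitoring record for privileged calls.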
Defenses against fraud and social engineering
- Integrate user-facing warnings into signing flows for high-risk approvals
- Flag newly created addresses that receive quick inbound funding and then route it to cash-out destinations
- Reduce suspicious approval patterns where possible
- Coordinate faster takedown of fake domains and fake support channels
Practical takeaways for users
Fraud is increasing because it exploits human routines.
A simple user checklist still prevents a large share of the losses:
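A sketch of the address heuristic from this list: flag an address whose first on-chain activity is an inbound transfer and which forwards most of what it received to a known cash-out destination within a short window. This is an added example, not Cyvers' detection logic; the transfer tuples, the cash-out set, the one-hour window and the 90% ratio are constructed assumptions.

```python
from collections import defaultdict

def flag_pass_through(transfers, cashout, window=3600, min_ratio=0.9):
    """transfers: iterable of (ts, src, dst, amount) in any order.
    Returns {address: forwarded/received} for new addresses that pass funds
    through to a cash-out destination within `window` seconds of first funding."""
    first_seen = {}               # address -> (timestamp, "in" or "out")
    inbound = defaultdict(list)   # address -> [(ts, amount)]
    outbound = defaultdict(list)  # address -> [(ts, dst, amount)]
    for ts, src, dst, amt in sorted(transfers):
        first_seen.setdefault(src, (ts, "out"))
        first_seen.setdefault(dst, (ts, "in"))
        inbound[dst].append((ts, amt))
        outbound[src].append((ts, dst, amt))
    flagged = {}
    for addr, (t0, kind) in first_seen.items():
        # Only addresses that came into existence by being funded are candidates.
        if kind != "in" or addr in cashout:
            continue
        deadline = t0 + window
        received = sum(a for ts, a in inbound[addr] if ts <= deadline)
        forwarded = sum(a for ts, dst, a in outbound[addr]
                        if ts <= deadline and dst in cashout)
        if received > 0 and forwarded / received >= min_ratio:
            flagged[addr] = round(forwarded / received, 2)
    return flagged

CASHOUT = {"cashout_x"}  # constructed label set, e.g. known off-ramp deposit addresses
SAMPLE = [               # constructed transfers, amounts in smallest units
    (1000, "victim1", "fresh_a", 500),
    (1300, "victim2", "fresh_a", 300),
    (1900, "fresh_a", "cashout_x", 790),   # 98.75% forwarded within 15 minutes
    (2000, "victim3", "shop_b", 200),
    (90000, "shop_b", "cashout_x", 200),   # forwards, but a day later
    (3000, "victim1", "saver_c", 400),     # receives and holds
]

if __name__ == "__main__":
    print(flag_pass_through(SAMPLE, CASHOUT))
```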
- For high value accounts, use a hardware key or hardware wallet
- Treat “Support” DMs as hostile by default
- Check domains with bookmarks, not search ads
- Revoke token permissions regularly
- Keep separate wallets for everyday use and long-term storage
These steps don’t make fraud impossible. They raise costs and reduce the likelihood that a mistake will end in a complete loss.
What to watch next
If Cyvers' reporting framework is correct, the next wave of headlines won’t be about new exploits. It will be about the following:
- Better detection of authorization fraud before the transaction is signed
- More friction at the exchange level on obvious fraud funnels
- Stricter identity and recovery standards for user accounts
- Incident response playbooks that treat “valid signatures” as a possible signal of compromise
In other words, the industry’s safety narrative is shifting from “find the fault” to “protect the business.”
Conclusion
Cyvers' annual report highlights a glaring gap: fraud-related activity amounts to about $16 billion versus hacking losses of about $2.5 billion, with access control failures still accounting for nearly all of the hack losses.
The takeaway isn’t that smart contracts don’t play a role. The fastest growing risk arises at the intersection of people, permissions and signing authority.
The post Cyvers Reports $16 Billion in Crypto Scams and $2.5 Billion in Hacks appeared first on Crypto Adventure.
