Web3 Fraud Hit $15.87 Billion in 2025, Far Exceeding Losses From Hacks

Web3 Fraud Hit $15.87 Billion in 2025, Far Exceeding Losses From Hacks

N
News Editor 01
2026-07-08 15:24:14
A Cyvers report says Web3 fraud reached $15.87 billion in 2025, far above the roughly $2.5 billion lost to hacks and exploits, as organized scam networks scaled across millions of transactions.
Web3 fraudcrypto securitystablecoinsexchangespig butchering

Web3 fraud reached a new scale in 2025, with Cyvers reporting $15.87 billion in detected fraudulent value, far surpassing the more than $2.5 billion lost to traditional hacks and exploits during the same period. The figures suggest that the crypto industry’s risk profile is shifting: while major technical breaches still capture headlines, fraud has become the larger and more pervasive threat.

Fraud spread across millions of transactions

One of the report’s most important observations is that the losses were not concentrated in a small number of dramatic incidents. Instead, they were distributed across 4.29 million individual transactions. That dispersion helped keep much of the damage below the public radar, especially compared with high-profile events such as the Bybit hack, which naturally draw more immediate attention.

According to Cyvers, this pattern points to the rise of industrialized crypto crime. Rather than isolated scams or one-off attacks, organized networks are now operating through clusters of related wallet addresses tied to the same scam infrastructure. Funds are then routed across multiple exchanges, payment service providers, and off-ramp channels, creating complex cross-platform flows that are harder to track and interrupt.

The growing danger of “authorized” fraud

Cyvers highlighted a particularly troubling shift in 2025: the rapid expansion of so-called authorized fraud, with pig-butchering scams standing out as the clearest example. Unlike conventional hacks, these schemes do not primarily rely on breaking into accounts or bypassing blockchain security controls. Instead, they exploit human behavior and trust.

In these scams, criminal groups often engage with victims for weeks or even months. The goal is to build emotional credibility and a false sense of security before steering the victim toward a final transfer or liquidation event. Because the victim technically approves the transaction from their own wallet or a verified account, many legacy fraud controls fail to flag the activity as suspicious in time.

The report argues that this is a structural problem for platforms relying on traditional compromised-account detection. If the transaction appears to be user-authorized, standard controls may be effectively blind to the fraud flow. Cyvers therefore says that real-time behavioral analytics and entity-level risk scoring are becoming essential if platforms want to detect these schemes before funds leave the ecosystem.

Liquid assets remain the preferred vehicles

The report also found that fraudulent flows were heavily concentrated in a small set of highly liquid crypto assets, reflecting their utility for rapid movement and conversion into fiat. USDT accounted for 37% of detected fraudulent movements, followed by ETH at 36% and USDC at 25%. This concentration indicates that fraud operators are not depending on obscure tokens. Instead, they are using the most liquid and widely accepted digital assets to move value efficiently.

That pattern reinforces a broader point: the infrastructure underpinning crypto fraud is increasingly mainstream. Stablecoins and blue-chip assets offer liquidity, speed, and broad exchange support, making them practical tools for organized scam networks seeking to scale operations across jurisdictions and platforms.

Exposure concentrated among large exchanges

Cyvers said exposure to fraudulent flows was also concentrated among major centralized players. Although the report did not identify specific companies, it stated that the single most exposed global exchange accounted for more than $2.3 billion in fraudulent flows. In addition, just three of the world’s top ten exchanges were responsible for nearly half of all fraud volume routed through centralized platforms.

These findings do not necessarily mean the exchanges themselves were complicit. Rather, they underscore how heavily organized fraud networks depend on large, liquid venues to process, route, or exit funds. The concentration also suggests that improvements in monitoring and intervention at a relatively small number of major platforms could have an outsized impact on the wider fraud landscape.

A broader shift in crypto risk

The 2025 data points to a broader transformation in how crypto-related crime should be understood. For years, public attention has focused on hacks, exploits, and smart contract vulnerabilities. Those threats remain significant, but the report suggests that the larger economic damage now comes from scams that leverage social engineering, operational scale, and financial infrastructure rather than purely technical compromise.

In that sense, crypto fraud is increasingly resembling a form of global organized crime. Pig-butchering may be the most visible “authorized fraud” model, but Cyvers’ findings suggest that many schemes rely on the same core ingredients: liquid stablecoins, major crypto assets, and access to large centralized exchanges. The result is a system in which fraud can scale quietly through millions of small or mid-sized transactions, even when individual incidents do not make headlines.

For the industry, the message is clear. Security can no longer be measured only by the prevention of hacks. As scam networks become more sophisticated, platforms may need to complement technical defenses with deeper transaction monitoring, behavioral intelligence, and stronger fraud-detection systems designed for user-authorized activity. Otherwise, the biggest losses in crypto may continue to come not from code exploits, but from manipulation at scale.

This article was originally published by Bit.Fan. For more cryptocurrency news and market insights, visit www.bit.fan.
400

Disclaimer:

The market information, project data, and third-party content displayed on this platform are for industry information sharing only and do not constitute any form of investment advice or return commitment.

Cryptocurrency trading carries high risks. Users should fully assess their risk tolerance and make independent decisions. All profits, losses, and legal responsibilities are borne by the users themselves.