Overview
- PeckShield logged about 26 major exploits in December, with losses clustered in a few outsized incidents rather than broad protocol failures.
- The largest loss involved an address-poisoning scam that tricked a user into sending roughly $50 million to a lookalike wallet.
- A leaked private key tied to a multi-signature wallet enabled a theft of about $27.3 million.
- Browser-based wallets remained targets, with a Trust Wallet browser-extension exploit near $7 million and a Flow ecosystem breach around $4 million, prompting renewed advice to favor hardware or cold storage.
- U.S. prosecutors charged Ronald Spektor of Brooklyn with phishing roughly 100 Coinbase users for about $16 million.