The Chainalysis 2026 Crypto Crime Report, published January 13, 2026, reveals at least $14 billion stolen in 2025 scams—projected to reach $17 billion—driven by a 1,400% surge in AI-boosted impersonation tactics, amid broader losses including $4 billion from hacks per PeckShield and $154 billion in total illicit volumes linked to nation-state actors.
The cryptocurrency sector suffered unprecedented losses in 2025, with Chainalysis tracing at least $14 billion to on-chain scams (up from a revised $12-13 billion in 2024), projections climbing to $17 billion amid ongoing investigations—a 64% year-over-year increase, with average victim payments rising 253-600% to $2,764.
Impersonation scams, where fraudsters posed as trusted entities like Coinbase or government agencies, exploded 1,400% in volume. Notable cases include the China-based Smishing Triad's E-ZPass phishing scheme defrauding over 1 million victims across 121 countries for $1 billion, and Brooklyn's Ronald Spektor, indicted for a $16 million Coinbase fraud using bribed insider data. Many operations originated from East/Southeast Asian networks, including forced-labor compounds in Cambodia and Myanmar.
AI tools supercharged these attacks: deepfakes and LLMs purchased from Chinese vendors made scams 4.5 times more profitable, extracting $3.2 million per operation (vs. $719,000 for non-AI), with daily revenues of $4,838 (vs. $518) and 9x transaction volumes.
Hacks compounded the crisis. PeckShield reported total crypto losses up 34% to $4 billion, including $2.67 billion from hacks and $1.37 billion from scams. By mid-July, hacking had surpassed 2024 totals with $2.17 billion stolen across incidents, highlighted by the $1.5 billion Bybit breach attributed to North Korean actors; Q1 alone set a record with $1.64 billion lost. Overall, 303 hack events caused $2.37 billion in losses across 121 major incidents, with phishing, wallet takeovers, and private key compromises (70% of cases) prevalent. Web3 fraud reached $15.87 billion, dwarfing traditional hack losses of $2.5 billion.
Law enforcement achieved significant victories: the U.S. DOJ seized over $15 billion in Bitcoin from Cambodian pig-butchering operations linked to Prince Group and trafficker Chen Zhi, convicted fraud leader Zhimin Qian, and shut down platforms like Huione Guarantee disrupting Asian networks. The UK's Metropolitan Police confiscated 61,000 bitcoins ($5+ billion equivalent) from launderer Yadi Zhang. Brooklyn DA Eric Gonzalez vowed to 'root out every instance of cryptocurrency fraud.'
Experts urge layered defenses: multi-factor authentication beyond SMS, DMARC email protocols, user training, on-chain monitoring, and international cooperation to counter evolving threats blending investment frauds and pig butchering.