MetaMask, Phantom, and several other leading crypto wallets are joining forces to tackle the rising wave of crypto phishing scams that have drained more than $400 million from users in the first half of 2025.
In a joint initiative with the Security Alliance (SEAL), the wallets have launched what they call a global phishing defense network, designed to build a “decentralized immune system” capable of identifying and neutralizing threats in real time.
v“This means quicker response times to new phishing threats and more funds saved,” the organization noted. The defense effort builds on SEAL’s recently announced “verifiable phishing reports” tool, which lets security researchers prove that a reported website actually hosts phishing content.
SEAL said the new setup will allow anyone from anywhere in the world to submit verifiable phishing reports, which will then be automatically validated and broadcast across all participating wallets.
“Drainers are a constant cat-and-mouse game,” said Ohm Shah, a security researcher at MetaMask. Partnering with SEAL, he added, allows wallet developers to move faster and “throw a wrench at the drainer’s infra.”
Phishing scams, particularly those involving crypto drainers, have become increasingly sophisticated. Attackers now rotate landing pages faster when blocklists update, migrate to offshore servers when providers intervene, and use cloaking methods to evade automated detection systems.
The month saw nearly 20 major exploits, with incidents heavily concentrated in just a few large-scale attacks. Despite the drop, industry experts emphasized that DeFi and blockchain platforms remain highly vulnerable to security breaches.
Crypto-related hacks caused $127.06 million in losses in September 2025, marking a 22% decline from August’s $163 million, according to blockchain security firm PeckShield.
SwissBorg suffered a $41.5 million loss in Solana after hackers breached its API partner, Kiln. Both companies are working with exchanges, law enforcement, and white-hat hackers for damage control and user compensation.
Other incidents included a $13.5 million phishing attack on a Venus Protocol user, of which $13 million was recovered, and additional smaller exploits targeting platforms like Yala, GriffAI, and Shibarium Bridge.
UXLINK lost $44.14 million after its multisig wallet was exploited, leading to the unauthorized minting of 10 trillion tokens and a 90% crash in its token price.
