KROLL-威胁格局报告：加密时代的网络犯罪（英）

Threat Landscape Report:Cybercrime in the Crypto Era2The first half of 2025 saw the continuation of the complex themes that shaped the threat landscape in 2024. Email compromise retained its place as the most prominent threat type, while phishing continued to take the lead in initial access methods. Yet another trend that persisted was that of groups such as AKIRA, PLAY and LOCKBIT retaining their place as key ransomware players. However, alongside familiar threat types and players, risks associated with cryptocurrency proved to be a notable theme in Q1 2025, likely due to changing regulations and a rise in malware leveraging the blockchain. As a result, this report focuses on key findings and observations around cryptocurrency. With significant potential rewards, cryptocurrency has become the focus for cyberattackers almost as fast as it has for investors. This presents some uniquely complex and unprecedented security risks. Political shifts have led to more giant leaps forward into the mainstream—further driving the scope for attacks. The Kroll Cyber Threat Intelligence team observed that nearly $1.93 billion was stolen in crypto-related crimes in the first half of 2025 alone, surpassing the total for 2024 and putting 2025 on track to be the worst year for digital asset theft. Additionally, phishing attacks targeting cryptocurrency users increased by 40%, primarily through fake exchange sites. These underscore the growing cybersecurity risks in the crypto space, from direct thefts and hacks to more sophisticated scams and laundering operations.Continue reading for more insights into the cryptocurrency security risks shaping 2025 and the steps you can take to safeguard your organization. AuthorsThreat Landscape Report: Cybercrime in the Crypto EraGeorge GlassKeith WojcieszekEdward CurrieThreat Landscape Report: Cybercrime in the Crypto EraCrypto Kidnapping Attempts AccelerateCrypto exchanges and financial organizations are becoming increasingly lucrative targets—not just for cyber threats but also for physical security threats—as their visibility and value continue to grow. The level of the physical risk now associated with crypto has been highlighted by recent kidnappings and ransom attempts, leading to a rise in investors seeking protection services, including bodyguards. Risks to companies also increase when they are only potentially exposed, as discovered in the May 7, 2025, LOCKBIT breach, where negotiation conversations were leaked, along with their Bitcoin wallet addresses.Compliance Failures Drive RiskFailure to establish compliance protocols for crypto services can expose financial institutions and organizations to serious legal repercussions, including fines, sanctions and reputational damage. In recent years, crypto services have garnered attention and a reputation as hubs for criminal activity, leading to stringent regulatory measures across various jurisdictions. Poor Financial Insight Has a High Cost Financial intelligence failure