Multisig Failures Lead to $2 Billion in Crypto Losses in H1 2025

A new report from CoinDesk reveals that more than $2 billion in crypto assets were lost during the first half of 2025 due to vulnerabilities in multisignature (multisig) wallets and related operational failures. The findings have sparked renewed scrutiny around wallet security across exchanges, DAOs, and institutional custodians.

What Are Multisig Wallets?

Multisig wallets require approval from multiple parties, such as 2-of-3 or 3-of-5 signers, to authorize a transaction. They are designed to protect assets from a single point of failure and are widely used by institutional funds, large holders, and decentralized organizations.

What Went Wrong?

Losses from January to June 2025 already exceed the full-year total from 2024. The surge is driven by overlooked vulnerabilities in multisig wallet design and execution. Key failure points include:

• UI Tampering: Hackers manipulated wallet interfaces to display fake approval prompts, tricking signers into confirming unauthorized transfers.
• Keyholder Mismanagement: Many projects used outdated signer lists, lacked audit trails, or failed to enforce proper off-chain approvals.

A major example occurred in February, when Bybit suffered a $1.46 billion exploit after malicious UI modifications misled an authorized signer.

The Structural Problem

Experts now believe these losses expose a fundamental flaw in Web3 security. Unlike smart contract bugs, multisig failures stem from human error, weak governance, and interface-level manipulation.

Cybersecurity firm Hacken categorized these incidents as dominant in 2025’s crypto breaches. They urged protocols to shift away from reactive audits and adopt real-time operational safeguards.

Their recommendations include:

1. Active transaction monitoring, using AI-powered anomaly detection
2. Zero-trust signer frameworks, with cross-verification between stakeholders
3. Institutional-grade front-ends, designed for mission-critical wallet operations

Why It Matters Now

1. Rising Institutional Exposure: As hedge funds, exchanges, and corporates move assets on-chain, multisig wallets have become the default security layer. Failures at this level risk undermining investor and public confidence
2. .Regulatory Implications: The CLARITY and GENIUS Acts may soon mandate standardized signer protocols and enforce greater operational transparency.
3. Security Paradigm Shift: These incidents highlight that cryptographic strength is no longer sufficient. Secure UX design, structured approval logic, and continuous monitoring are now critical components of wallet safety.

What Firms Can Do Now

To prevent further losses, projects should:

• Deploy real-time anomaly detection across signer workflows and multisig interfaces.
• Formalize signer roles and logs, including off-chain authorization records.
• Use air-gapped devices or physical authentication tools to validate sensitive transactions.

Leading DAOs and custody platforms are already piloting dashboard-based alerts, signer activity visualization, and proactive flagging of protocol anomalies.

Recap

As of July 24, 2025, multisig wallets, long considered the backbone of institutional crypto security, have shown alarming weaknesses. With over $2 billion lost to UI manipulation and signer errors in just six months, the industry is being forced to rethink security. The future now demands real-time monitoring, zero-trust governance, and airtight human procedures.