MITRE has launched a new cybersecurity framework aimed at addressing vulnerabilities in digital financial systems such as cryptocurrency.
Known as the Adversarial Actions in Digital Asset Payment Technologies (AADAPT) framework, it provides developers, policymakers and financial organizations with a structured methodology for identifying, analyzing and mitigating potential risks associated with digital asset payments.
According to MITRE, the AADAPT framework, announced on July 14, uses insights from real-world attacks as cited by more than 150 sources including government, industry and academia.
The AADAPT framework identifies adversarial tactics, techniques and procedures linked to digital asset payment technologies, including consensus algorithms and smart contracts.
Cyber threats associated with cryptocurrency include double-spending attacks, phishing schemes and ransomware incidents that impact businesses, governments and individual users.
Smaller organizations, local governments and municipalities are particularly vulnerable, often lacking the resources to enhance their cybersecurity measures, MITRE noted.
AADAPT seeks to address these disparities by providing practical guidance and tools tailored to the unique needs of this financial market segment.
“Digital payment assets like cryptocurrency are set to transform the future of global finance, but their security challenges cannot be ignored,” said Wen Masters, VP of cyber technologies at MITRE. “With AADAPT, MITRE is empowering stakeholders to adopt robust security measures that not only safeguard their assets but also build trust across the ecosystem.”
AADAPT is modeled after the MITRE ATT&CK framework and its tactics and techniques are complementary to those in ATT&CK.
In July 2025, cybersecurity firm CertiK found that around $2.47bn in cryptocurrency had been stolen via scams, hacks and exploits in the first half of 2025.
The surge was spurred by a hack targeting cryptocurrency exchange Bybit in February, which resulted in $1.4bn in cryptocurrency being stolen.
The Bybit hack was linked to Lazarus, a state-sponsored North Korean APT group.
