In 2025, over $2.1 billion has been stolen in cryptocurrency-related attacks, as hackers shift their focus from exploiting smart contract vulnerabilities to targeting users through social engineering schemes, according to CertiK, a Web3 cybersecurity firm. The majority of these losses have occurred due to wallet compromises and phishing attacks. CertiK's co-founder, Ronghui Gu, noted a significant change in attack vectors, emphasizing that human behavioral weaknesses are now the primary targets for attackers. This shift indicates the need for improved wallet security, access control, and real-time transaction monitoring. Notably, a single incident stole $330.7 million worth of Bitcoin from an elderly individual in the U.S., highlighting the effectiveness of social engineering attacks that do not require direct hacking. In 2024, social engineering scams were already reported to have cost the crypto industry over $1 billion from 296 incidents. As attackers now view human behavior as the weakest link, the emphasis on investing in user security measures has never been more critical.

Source 🔗