Crypto Hackers Shift to Social Engineering
Cryptocurrency Hacks: A Shift in Tactics
The landscape of cryptocurrency security has dramatically shifted. According to CertiK, a leading Web3 cybersecurity firm, cryptocurrency hackers are increasingly abandoning exploits targeting smart contract vulnerabilities in favor of social engineering schemes. This change in strategy has resulted in over $2.1 billion in losses during 2025 alone, with the majority stemming from compromised wallets and phishing attacks.
The Human Element: The Weakest Link
Ronghui Gu, co-founder of CertiK, highlights this significant trend: "The majority of this $2.1 billion was caused by wallet compromises, key mismanagement, and operational issues." This marks a move away from complex technical exploits and toward attacks that prey on human error and trust.
Phishing attacks, a prime example of social engineering, use fraudulent links designed to steal private keys and other sensitive information. These attacks are costing the industry dearly; CertiK reports over $1 billion in losses across 296 incidents in 2024 alone, making phishing the most expensive attack vector.
The recent theft of $330.7 million in Bitcoin from an elderly US individual through a sophisticated social engineering scheme further underscores this concerning trend. This attack, as reported by Cointelegraph, didn't involve any code exploits; instead, it relied entirely on tricking the victim into sending their assets to a fraudulent address.
Strengthening Defenses Against Human-Based Attacks
While the rise of social engineering is worrying, it could also indicate improvements in the security of DeFi protocols themselves. As Gu explains, "Attackers always target the weakest point. Smart contracts were the weakest point, but now attackers believe the weakest point comes from human behavior rather than the code."
To counter this shift, Gu emphasizes the need for enhanced security measures, including:
- Improved wallet security
- Enhanced access control mechanisms
- Real-time transaction monitoring
- Advanced simulation tools to identify vulnerabilities
The $1.4 billion Bybit exchange hack in February 2025, attributed to the Lazarus Group, stands as a stark reminder of the devastating potential of large-scale attacks. This single incident accounted for over 60% of all crypto losses in 2024.
Codeum: Your Partner in Blockchain Security
At Codeum, we understand the evolving threat landscape. We provide comprehensive blockchain security solutions, including:
- Smart contract audits
- KYC verification
- Custom smart contract and DApp development
- Tokenomics and security consultation
- Partnerships with launchpads and crypto agencies
Let Codeum help you build and secure your next-generation blockchain project. Contact us today to learn more.