Hackers in the crypto world are changing course, moving away from exploiting smart contracts and turning their focus toward tricking users directly.
According to Web3 security firm CertiK, the bulk of the $2.1 billion lost in crypto hacks so far in 2025 has come from phishing schemes and compromised wallets.
Instead of targeting protocol vulnerabilities, attackers are using deceptive tactics to obtain private keys and seed phrases, then draining the funds those keys control. CertiK co-founder Ronghui Gu told Cointelegraph during a June 2 X Spaces session that this shift highlights a growing trend: human behavior, not code, is now the primary attack surface.
Since 2024, phishing has been the most damaging attack vector, costing the industry over $1 billion across nearly 300 incidents. These scams typically rely on fake links that lead to malicious signing prompts and on wallet address tricks such as lookalike addresses, and they require little technical skill to execute.
The shift in tactics comes as DeFi protocols improve their security. Gu noted that attackers simply pivot to wherever defenses are weakest; now that smart contracts are harder to exploit, users themselves are the new target.
One striking example is the $330.7 million Bitcoin theft from a U.S. victim earlier this year, which involved no exploitation of code at all, only social engineering of the victim.
Gu stressed the need for stronger wallet protection, better access controls, and real-time monitoring to combat this evolving threat landscape.
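The "wallet address tricks" mentioned above are usually address poisoning: the attacker generates an address whose first and last few hex digits match one the victim regularly pays, sends a dust transaction from it so it appears in the victim's history, and waits for the victim to copy it from there. The following is an added example, not code from the article or from CertiK, of the kind of client-side monitoring check a wallet or treasury tool can run before signing. The address book, the transaction history and all addresses in it are constructed for the demonstration; the four-digit prefix/suffix window is an assumption that matches how most wallets truncate addresses on screen.

```python
"""Address-poisoning check for 20-byte EVM-style hex addresses (added example)."""
from dataclasses import dataclass
from typing import Dict, List, Optional

HEX = set("0123456789abcdef")


@dataclass(frozen=True)
class Verdict:
    trusted: bool                 # exact match against the address book
    lookalike_of: Optional[str]   # normalized book address it visually imitates, if any
    reason: str


def normalize(addr: str) -> str:
    """Lower-case the address and reject anything that is not 0x + 40 hex digits."""
    a = addr.strip().lower()
    if not (a.startswith("0x") and len(a) == 42 and set(a[2:]) <= HEX):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return a


def check_destination(dest: str, address_book: Dict[str, str],
                      prefix: int = 4, suffix: int = 4) -> Verdict:
    """Exact address-book match is trusted; a prefix/suffix match that is not
    byte-for-byte identical is flagged as a probable poisoned address."""
    d = normalize(dest)
    book = {normalize(a): label for a, label in address_book.items()}
    if d in book:
        return Verdict(True, None, f"exact match for {book[d]!r}")
    body = d[2:]
    for known, label in book.items():
        kb = known[2:]
        if body[:prefix] == kb[:prefix] and body[-suffix:] == kb[-suffix:]:
            return Verdict(False, known,
                           f"matches {label!r} only on first {prefix} and last {suffix} "
                           f"hex digits; probable address poisoning")
    return Verdict(False, None, "unknown address, not in address book")


def scan_history(counterparties: List[str], address_book: Dict[str, str]) -> List[str]:
    """Return every historical counterparty that imitates a trusted address.
    This is the dust-transaction side of the attack: the lookalike shows up in
    history first so the victim copies it from there later."""
    flagged = []
    for addr in counterparties:
        v = check_destination(addr, address_book)
        if v.lookalike_of is not None:
            flagged.append(normalize(addr))
    return flagged


# Constructed sample data (not real addresses or transactions).
BOOK = {"0x1234abcd000000000000000000000000deadbeef": "exchange deposit"}
POISONED = "0x1234ABCDFFFFFFFFFFFFFFFFFFFFFFFFDEADBEEF"   # same 8 visible digits, different middle
UNRELATED = "0x9999999999999999999999999999999999999999"
HISTORY = [POISONED, UNRELATED, "0x1234abcd000000000000000000000000deadbeef"]

if __name__ == "__main__":
    for a in HISTORY:
        print(a, check_destination(a, BOOK))
    print("flagged:", scan_history(HISTORY, BOOK))
```

The check is deliberately case-insensitive and compares the full 40 hex digits, because the attacker controls exactly the digits a truncated UI shows; anything that scores a prefix/suffix hit but is not identical should block signing, not merely warn.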
The largest incident of the year remains the $1.4 billion Bybit hack in February, attributed to North Korea's Lazarus Group. That single breach accounts for over 60% of the $2.1 billion lost so far in 2025, a figure already approaching last year's full-year total of $2.3 billion across 760 attacks.
As traditional code-based exploits decline, the crypto industry now faces a new challenge: securing the human layer.
An extensive international cybercrime network has been brought down after law enforcement seized 145 domains linked to BidenCash, a notorious online marketplace that thrived on trading stolen credit card data and compromised digital identities.
Coinbase is now facing mounting scrutiny after it allegedly sat on a serious data breach for over four months, exposing the personal information of nearly 70,000 users before taking action.
A major security lapse has rocked Taiwan-based crypto exchange BitoPro, which quietly suffered an $11.5 million hack earlier in May but failed to alert users for weeks.
A Nevada resident has been sentenced to six years in federal prison after orchestrating a sophisticated fraud operation that involved stealing U.S. Treasury checks and using stolen identities to access the funds.