Recent data from Web3 cybersecurity firm CertiK reveals that cryptocurrency thefts have exceeded $2.1 billion in 2025, primarily due to wallet compromises and phishing attempts. These social engineering schemes, which trick users into sharing sensitive information like private wallet keys, have become the primary attack vector for hackers. CertiK co-founder Ronghui Gu noted that the shift from targeting blockchain code to exploiting human behavior marks a significant trend in cybercrime.
In 2024, phishing incidents already cost the crypto industry over $1 billion across 296 separate cases. A particularly striking case involved a US elderly individual who lost $330.7 million due to a social engineering scheme. According to Gu, attacks now exploit human weaknesses rather than just technical flaws in blockchain infrastructure. He emphasized that the industry must enhance wallet security measures, access controls, and real-time monitoring to address these vulnerabilities.
One of the largest hacks in recent memory occurred on February 21, 2025, when the notorious Lazarus Group stole $1.4 billion from the Bybit exchange, accounting for over 60% of the total value lost from crypto hacks that year. This clear trend underscores the growing focus on the weakest link in security—human users—rather than the code itself. The incident serves as a reminder of the importance of user education on security practices in the evolving crypto landscape.
In 2024, phishing incidents already cost the crypto industry over $1 billion across 296 separate cases. A particularly striking case involved a US elderly individual who lost $330.7 million due to a social engineering scheme. According to Gu, attacks now exploit human weaknesses rather than just technical flaws in blockchain infrastructure. He emphasized that the industry must enhance wallet security measures, access controls, and real-time monitoring to address these vulnerabilities.
One of the largest hacks in recent memory occurred on February 21, 2025, when the notorious Lazarus Group stole $1.4 billion from the Bybit exchange, accounting for over 60% of the total value lost from crypto hacks that year. This clear trend underscores the growing focus on the weakest link in security—human users—rather than the code itself. The incident serves as a reminder of the importance of user education on security practices in the evolving crypto landscape.
