Cryptocurrency hackers are moving away from exploiting smart contract vulnerabilities and instead targeting users through social engineering schemes, according to Web3 cybersecurity firm CertiK.

More than $2.1 billion has been stolen in cryptocurrency-related attacks so far in 2025, with the bulk of losses coming from wallet compromises and phishing attacks, according to CertiK.

Crypto phishing attacks are social engineering schemes where attackers share fraudulent links to steal victims’ sensitive information, such as the private keys to crypto wallets.

The growing number of social engineering attacks suggests hackers are shifting attack vectors, according to Ronghui Gu, the co-founder of CertiK.

CertiK observed a shift in attack patterns from smart contracts and blockchain infrastructure vulnerabilities to exploiting loopholes in human behavior, Gu told Cointelegraph during the Chain Reaction daily X spaces show on June 2, adding:

“The majority of this $2.1 billion was caused by wallet compromises, key mismanagement, and operational issues.”

Phishing scams cost the crypto industry over $1 billion across 296 incidents in 2024, making them the most costly attack vector for the industry, according to CertiK.

The cybersecurity expert’s comments come just a month after a social engineering scheme saw $330.7 million worth of Bitcoin (BTC) stolen from the wallet of an elderly US individual, Cointelegraph reported on April 30.

Social engineering schemes like address poisoning don’t require any hacking. Instead, attackers trick victims into sending assets to fraudulent wallet addresses.
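As an added example (not from the article or CertiK), a pre-signing check a wallet or monitoring tool could run against the address-poisoning scheme mentioned above. It assumes the common pattern in which the fraudulent address mimics the first and last few characters of one the victim has used before, so that a truncated display looks identical; the addresses are constructed sample data.

```python
import re

# Hex-encoded 20-byte address (Ethereum style): 0x followed by 40 hex digits.
_ADDR_RE = re.compile(r"^0x[0-9a-fA-F]{40}$")

# Constructed sample data: counterparties this wallet has sent funds to before.
KNOWN_ADDRESSES = {
    "0xab12c3d4e5f60718293a4b5c6d7e8f9012345678",  # previously used counterparty
    "0x9999999999999999999999999999999999999999",  # unrelated, legitimate counterparty
}


def normalize(addr: str) -> str:
    """Validate the format and lowercase it so mixed-case checksum forms compare equal."""
    if not _ADDR_RE.match(addr):
        raise ValueError(f"not a valid hex address: {addr!r}")
    return addr.lower()


def is_lookalike(candidate: str, known: str, prefix_len: int = 4, suffix_len: int = 4) -> bool:
    """True when candidate shares the visible leading and trailing characters of a known
    address but differs somewhere in the middle that truncated wallet UIs hide (assumption:
    this is the pattern a poisoned address relies on)."""
    c, k = normalize(candidate), normalize(known)
    if c == k:
        return False  # the genuine address, not an imitation
    body_c, body_k = c[2:], k[2:]
    return body_c[:prefix_len] == body_k[:prefix_len] and body_c[-suffix_len:] == body_k[-suffix_len:]


def check_destination(candidate: str, known_addresses=KNOWN_ADDRESSES) -> dict:
    """Classify a destination before signing: 'known', 'lookalike' (listing the addresses
    it imitates, so the user can be warned) or 'new'."""
    c = normalize(candidate)
    if c in {normalize(k) for k in known_addresses}:
        return {"status": "known", "mimics": []}
    mimics = sorted(k for k in known_addresses if is_lookalike(c, k))
    if mimics:
        return {"status": "lookalike", "mimics": mimics}
    return {"status": "new", "mimics": []}


if __name__ == "__main__":
    # Constructed poisoned address: same first four and last four characters as a known one.
    print(check_destination("0xAB12000000000000000000000000000000005678"))
```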

Hackers always target the weakest link

While the rise of social engineering schemes is a concerning sign, it may also signal that decentralized finance (DeFi) protocols themselves have become more robust.

“Attackers always target the weakest point,” explained CertiK’s Gu, adding:

“Smart contracts or blockchain code itself was the weakest point, but now the attackers feel like the weakest points may come from human behavior rather than the code.”

Gu said the industry must now invest in better wallet security and access control, as well as real-time transaction monitoring and simulation tools to reduce future incidents.

The lion’s share of the stolen value in 2025 stemmed from the $1.4 billion Bybit exchange hack on Feb. 21, when the infamous North Korean Lazarus Group staged the largest exploit in crypto history.

That single incident accounted for more than 60% of the value lost in all crypto hacks in 2024, when the industry saw $2.3 billion stolen across 760 onchain security incidents, according to CertiK’s annual Hack3d report.
