In one of the largest cryptocurrency heists of 2025, 3,520 BTC (worth approximately $330.7 million) was stolen from a holder based in the United States — not by hacking a blockchain, but through a sophisticated social engineering attack.
The attackers impersonated a trusted service provider, gradually gained the victims' trust, and manipulated them into revealing sensitive information about their wallet, likely the secret phrase.
The theft occurs due to human error and not a technical flaw.
The stolen funds were quickly dispersed across more than 50 wallets and laundered through 20 exchanges, making recovery nearly impossible.
What is social engineering
This is a psychologically manipulated technique where scammers trick individuals into giving up confidential data. In crypto, this can include
- Phishing emails
- Fraudulent support calls
- Identity theft of trusted contacts or platforms
How to stay safe
Never share secret phrases or private keys
Use multi-signature wallets for large balances
Enable multi-factor authentication (MFA)
Check all contacts and communications
Be skeptical of urgency or emotional pressure
In summary: The blockchain is secure — but the human layer remains the biggest risk.