Cryptocurrency hackers move away from the apply of smart gaps in contracts and heading to users via social engineering programs, said Certik Web3 Cybersecurity Company.
Until now, over $ 2.1 billion has been stolen in attacks related to cryptocurrency in 2025, along with most losses resulting from the compromises of the portfolio and phishing attacks, According to This certificate.
Cryptographic phishing attacks are social engineering programs, in which the attackers divide false links to theft of confidential information of victims, such as private keys to cryptographic portfolios.
According to Ranghui GU, co -founder Certik, an increasing number of social engineering attacks suggest that hackers are changing the attack vectors.
Related: Data leak Coinbase can expose users to physical danger: TechCrunch Founder
CERTIK observed the shift of attack patterns from smart contracts and gaps of blockchain infrastructure to apply gaps in human behavior, said Cointelegraph during the chain reaction of the daily space X show June 2, adding:
“Most of these $ 2.1 billion were caused by the compromise of the portfolio, the key improper management and operational problems.”
According to Certik, phishing frauds cost a cryptographic industry over $ 1 billion in 296 incidents in 2024, which makes them the most steep attack vector for the industry.
Cyber security expert comments appear just a month after social engineering program contributed to $ 330.7 million Bitcoin (BTC) from the portfolio of an older US unit, CointeleGraph informed on April 30.
Social engineering programs, such as address poisoning, do not require any hacking. Instead, the attackers deceive victims of sending assets to false portfolio addresses.
Related: Hoskinson promises an audit, he is “deeply wounded” by USD 600 million claims regarding the treasury of Cardano
Hackers always direct to the weakest link
Although the escalate in social engineering programs is a disturbing sign, it may be a signal of more solid decentralized protocols (DEFI).
“Attacks always head to the weakest point,” explained Gu Certik, adding:
“The intelligent contracts or the blockchain code itself was the weakest point, but now the attackers feel that the weakest points can come from human behavior rather than from the code.”
GU said that the industry must now invest in better portfolio security, access control, real -time transaction monitoring and simulation tools to limit future incidents.
The participation of the lion of the stolen value in 2025 drank from hacking Bybit exchange worth $ 1.4 billion on February 21, when the infamous Lazarus group from North Korea organized the largest exploit in the history of cryptocurrencies.
This single incident accounted for over 60% of the value lost in all cryptographic hacks in 2024, when the industry noticed $ 2.3 billion on 760 safety incidents, According to to the annual Certika Hack3D report.
https://www.youtube.com/watch?v=kynq5yofkwo
Warehouse: Coinbase Hack shows that the law probably will not protect you: Here’s why
