$2.1B crypto stolen in 2025 as hackers shift focus from code to users: CertiK

In 2025, over $2.1 billion worth of cryptocurrency has been stolen, with a notable shift in hacker tactics from exploiting smart contract and blockchain code vulnerabilities to targeting users through social engineering attacks, according to Web3 cybersecurity firm CertiK.

The majority of these losses stem from wallet compromises, key mismanagement, and operational issues.

Phishing attacks, a form of social engineering where attackers use fraudulent links to steal private keys and sensitive information, have become the most costly attack vector, causing over $1 billion in losses across 296 incidents in 2024 alone.

These attacks manipulate human behavior rather than technical flaws, highlighting that hackers now see human factors as the weakest link in security.

A significant portion of the stolen funds in 2025 came from the $1.4 billion hack of the Bybit exchange in February, marking the largest exploit in crypto history.

CertiK’s co-founder Ronghui Gu emphasized the need for the crypto industry to enhance wallet security, access control, real-time transaction monitoring, and simulation tools to mitigate these human-focused attacks going forward.

It's me, @justmythoughts, an ordinary Hive user looking to make the most of the platform. I will appreciate your support. Follow me for more. Thanks, Gracias :)