Crypto Hack Losses Climb as Hackers Target Human Behavior
The cryptocurrency industry continues to face substantial financial losses to hackers, despite ongoing advances in cybersecurity. According to blockchain security platform CertiK, crypto-related exploits in the first half of 2025 exceeded $2.47 billion, signaling that bad actors increasingly target the human elements of security.
CertiK Highlights Persistent Threats
Ronghui Gu, co-founder of CertiK and professor of computer science at Columbia University, explained that attackers remain persistent in searching for vulnerabilities. Speaking during a Cointelegraph livestream, Gu noted, �As long as there�s a weak point or some vulnerabilities out there, sooner or later they will be discovered by these attackers.� He added that both hackers and defensive measures are becoming more sophisticated, but attackers only need a single vulnerability to succeed.
CertiK reported that over $800 million was lost across 144 incidents in the second quarter of 2025. This marks a 52% decrease in value from the previous quarter and 59 fewer incidents. However, total losses in the first half of the year still surpassed the $2.4 billion stolen in all of 2024, representing a nearly 3% increase.
Largest Exploits and Shifting Tactics
The largest share of this year's losses was attributed to a single major exploit on February 21, which became the biggest cyberattack in the industry�s history.
CertiK�s analysis found that cybercriminals are increasingly exploiting human vulnerabilities. These include social engineering tactics and operational risks such as private key compromises. Gu warned that attackers look for loopholes in human psychology, which remain difficult to secure despite technological improvements.
Phishing and Operational Risks on the Rise
- Rising phishing campaigns have emerged as a growing threat, aiming to deceive victims into revealing their wallet credentials or authorizing fraudulent transactions.
- In one recent incident, an investor lost $3 million in USDt after mistakenly approving a malicious transaction. The victim reportedly confirmed only the beginning and end of the wallet address, missing the altered middle characters�a common oversight on many platforms.
- Another victim lost $900,000 after unknowingly approving a malicious transaction, falling victim to a scam nearly 15 months later. This highlights the long-term risks of exposure from seemingly minor errors.
Ongoing Security Challenges
The increase in losses despite fewer incidents suggests that attacks are becoming more targeted and effective. CertiK warns that the industry remains in a constant battle, with both security experts and attackers strengthening their methods.
As the industry continues to evolve, the focus remains on reducing human error and bolstering security protocols to keep pace with emerging threats.
Related content
Comments
