Increased Risk of Phishing: Alert Issued by CertiK
=====================================================================================================
In the rapidly evolving world of cryptocurrencies, security remains a pressing concern. Two comprehensive reports by CertiK and Hacken have shed light on the predicted trends for 2025, highlighting a significant increase in phishing and social engineering attacks targeting human vulnerabilities in crypto security.
Last year, in 2024, the DMM Bitcoin cryptocurrency exchange suffered a hack, resulting in the theft of 4,502 BTC (approximately $320 million at the time). This incident, the second-largest loss in Japan following the Coincheck breach, underscores the ongoing threat to the crypto industry.
CertiK's reports for 2024 reveal that 80% of crypto losses, amounting to $2.1 billion, were due to phishing, social engineering, and compromised multisignature wallets. This finding underscores human error as the critical vulnerability in the industry. Phishing was, in fact, the most costly attack vector in 2024, with unreported incidents and other scams likely increasing the actual tally.
Hacken's observations for 2024 show that over $3.1 billion in crypto losses stemmed from smart-contract bugs, access-control vulnerabilities, rug pulls, and scams, with access-control exploits accounting for around 59% of losses. Hacken also notes a shift toward more sophisticated phishing campaigns and blind signing attacks targeting users rather than cryptographic flaws.
The figures provided by CertiK regarding 2024 are conservative, with unreported incidents and other scams likely increasing the actual tally. At least three incidents in 2024 resulted in losses exceeding $100 million. Across 760 incidents in 2024, over $2.36B was stolen, marking a 31.61% increase from the previous year.
As we look to 2025, phishing tactics are expected to evolve, potentially incorporating artificial intelligence. The urgent need for improved access control, user education, and innovative security solutions, such as Tangem's seedless hardware wallets that remove vulnerable seed phrases from the equation, cannot be overstated.
In addition to the phishing threats, critical code vulnerabilities remain a concern in the Web3 ecosystem. North Korean hackers stole at least $1.34 billion worth of crypto assets in 2024, according to Chainalysis. The Web3-market losses in 2024 affected DeFi, CeFi platforms, gaming, and metaverses.
The 2024 Hack3d Report provides insights about the year and what's next in the Web3 ecosystem. The reports from CertiK and Hacken underscore the need for continued vigilance and proactive measures to protect the crypto industry from these persistent threats.
- As the world of cryptocurrencies continues to evolve, the defi sector is expected to see an increase in phishing tactics potentially incorporating artificial intelligence, emphasizing the urgent need for improved cybersecurity measures.
- In 2025, the spotlight on cybersecurity is crucial, with the interconnected Web3 ecosystem remaining vulnerable to phishing, social engineering, and smart-contract bugs, as showcased by the $1.34 billion worth of crypto assets stolen by North Korean hackers in 2024.
