{"id":5695,"date":"2025-07-24T16:57:56","date_gmt":"2025-07-24T16:57:56","guid":{"rendered":"https:\/\/bitunikey.com\/news\/human-errors-and-ai-driven-hacks-keep-hitting-crypto-hard-in-2025-data-show\/"},"modified":"2025-07-24T16:58:01","modified_gmt":"2025-07-24T16:58:01","slug":"human-errors-and-ai-driven-hacks-keep-hitting-crypto-hard-in-2025-data-show","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/human-errors-and-ai-driven-hacks-keep-hitting-crypto-hard-in-2025-data-show\/","title":{"rendered":"Human errors and AI-driven hacks keep hitting crypto hard in 2025, data show"},"content":{"rendered":"<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">Crypto threats are no longer just technical as they\u2019re increasingly about human behavior and new tools like AI. The first half of 2025 shows that staying ahead means thinking broader than just smart contracts.<\/p>\n<div id=\"cn-block-summary-block_4a7859f1627b82a369eff9cc6386b45d\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>Crypto security stayed messy in the first half of 2025, with attacks growing more advanced.<\/li>\n<li>Scams hit both big firms and everyday users, and AI-related hacks are quickly becoming a serious headache.<\/li>\n<li>Staying safe now means combining better tools, tighter operations, and even smarter users, analysts at Hacken say.<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>The first half of 2025 has already seen over $3.1 billion lost across crypto platforms \u2014 surpassing last year\u2019s total \u2014 with Hacken\u2019s latest data showing that access control failures, phishing and social engineering scams, and smart contract exploits remain the main drivers behind these losses.<\/p>\n<h2 class=\"wp-block-heading\">Access control<\/h2>\n<p>According to a Hacken research report shared with crypto.news, access control failures remain the biggest problem, accounting for roughly 59% of losses, or about $1.83 billion in the first six months alone.<\/p>\n<p>The largest case was the infamous theft of $1.46 billion from Bybit, where North Korean attackers exploited a compromised Safe{Wallet} signer interface to push a malicious transaction. As Hacken explained the malicious proposal \u201cmanipulated the Safe\u2019s delegate call setup to seize control of the wallet.\u201d As of late July, Bybit\u2019s bounty portal tracking the funds <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.lazarusbounty.com\/\" target=\"_blank\" rel=\"nofollow\">shows<\/a> that over 80% of the stolen assets have vanished without a trace.<\/p>\n<figure class=\"wp-block-image size-full\"><picture decoding=\"async\" class=\"wp-image-14399622\"><source type=\"image\/webp\" ><\/source><\/p>\n<\/picture><figcaption class=\"wp-element-caption\">Crypto losses per quarter since 2024 | Source: Hacken<\/figcaption><\/figure>\n<p>Other big, eyebrow-raising hacks included UPCX losing about $70 million after attackers hijacked an admin account, KiloEx suffering a $7.5 million exploit through oracle price manipulation, and an insider secretly backdooring the Roar staking contract to drain $800,000.<\/p>\n<p>As if that wasn\u2019t enough, multi-sig wallets weren\u2019t safe either as one on zkSync was basically a single-signer wallet, letting attackers steal around $5 million. Politically motivated attacks also happened, like Iran\u2019s Nobitex losing over $90 million in crypto.<\/p>\n<h2 class=\"wp-block-heading\">Phishing and engineering<\/h2>\n<p>Phishing and social engineering scams made up close to $600 million (about 19%) of losses, per Hacken. One big incident involved an elderly U.S. victim who was tricked into transferring $330 million in Bitcoin (BTC). Hacken notes this was \u201cone of the largest reported individual thefts,\u201d adding that the theft \u201creflects the emotional and trust-based manipulation used by attackers beyond pure technical exploits.\u201d<\/p>\n<figure class=\"wp-block-image size-full\"><picture loading=\"lazy\" decoding=\"async\" class=\"wp-image-14399623\"><source type=\"image\/webp\" ><\/source><br \/>\n<img loading=\"lazy\" decoding=\"async\" width=\"876\" height=\"287\" src=\"https:\/\/bitunikey.com\/news\/wp-content\/uploads\/2025\/07\/1753376276_638_Human-errors-and-AI-driven-hacks-keep-hitting-crypto-hard-in.png\" alt=\"Human errors and AI-driven hacks keep hitting crypto hard in 2025, data show - 2\">\n<\/picture><figcaption class=\"wp-element-caption\">Phishing and social engineering attacks since 2024 | Source: Hacken<\/figcaption><\/figure>\n<p>Another neverending problem: scammers keep targeting wealthy Coinbase users by impersonating support staff, reportedly stealing over $100 million after a data breach exposed contact info.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cCallers posing as \u2018Coinbase support\u2019 quoted real balances to gain trust and trick victims into revealing keys or passcodes, stealing over $100 million to then launder stolen money via mixers, OTC desks and DeFi.\u201d<\/p>\n<p>Hacken<\/p>\n<\/blockquote>\n<p>Smart contract bugs caused about $264 million in losses, roughly 8.8% of the total. The most biggest was the Cetus hack, where an overflow bug let attackers drain $223 million in just 15 minutes, marking the worst DeFi quarter since early 2023. Hacken notes that if there had been real-time TVL monitoring with auto-pause, up to \u201c90% of those funds could have been saved.\u201d<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<h2 class=\"wp-block-heading\">Bots are everywhere<\/h2>\n<p>Artificial intelligence-related exploits are also quickly becoming a serious threat, with Hacken reporting a 1,025% surge in such incidents compared to last year, nearly all linked to insecure APIs. The report flags major vulnerabilities like remote code execution flaws in Langflow and BentoML, along with prompt injection attacks targeting commercial LLMs, underscoring how fast this attack vector is evolving.<\/p>\n<p>As Hacken puts it, the promise of AI \u201cis massive, but so are the risks,\u201d highlighting the urgent need for \u201cAI-specific security protocols alongside traditional blockchain safeguards.\u201d<\/p>\n<p>The report also points to a broader issue: many web3 projects still struggle with operational maturity. Hacken emphasizes that the \u201cfragmented state of wallet and key access governance across the Web3 space\u201d results from factors like lack of formal access control frameworks tailored for blockchain, poor off-chain process security, and weak UX protections against social engineering.<\/p>\n<h2 class=\"wp-block-heading\">Off-chain still matters<\/h2>\n<p>To help close these security gaps, analysts at Hacken suggest combining the Cryptocurrency Security Standard for managing on-chain keys with ISO\/IEC 27001 for strengthening off-chain processes and meeting compliance requirements. Hacken\u2019s compliance lead says using both frameworks \u2014 along with proper team training \u2014 can lower risks while building trust, enabling growth, and keeping customers confident over the long term.<\/p>\n<p>Simply put, the first half of 2025 confirms that crypto security is still a fast-moving target, just as unpredictable and challenging as ever. Most losses continue to come from access control issues, phishing attacks are picking up speed, smart contract flaws remain costly, and AI-related risks are quickly gaining ground.<\/p>\n<p>Hacken\u2019s findings suggest that staying safe in this space will take more than just code audits as it\u2019ll require a layered defense strategy combining technical tools, solid internal practices, user awareness, and protections tailored to AI threats to stay ahead of increasingly skilled attackers.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Crypto threats are no longer just technical as they\u2019re increasingly about human behavior and new tools like AI. The first half of 2025 shows that staying ahead means thinking broader&hellip;<\/p>\n","protected":false},"author":1,"featured_media":1229,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5695","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/5695","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=5695"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/5695\/revisions"}],"predecessor-version":[{"id":5696,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/5695\/revisions\/5696"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/1229"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=5695"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=5695"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=5695"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}