CertiK Warns of ‘Endless War’ with Crypto Hackers After $2.5B Stolen in 2025
2 Mins Read
Human Behavior Emerges as New Target Amid Rising Cybersecurity Efforts
The cryptocurrency industry is facing an “endless war” with hackers, despite advancements in blockchain security. According to Ronghui Gu, co-founder of blockchain security firm CertiK, hackers are adapting rapidly, shifting focus from technical exploits to human vulnerabilities.
CertiK’s latest report reveals that $2.47 billion was stolen in the first half of 2025 through hacks, scams, and exploits—a slight increase from the $2.4 billion lost in all of 2024. The second quarter saw a decline in incidents, with 59 fewer attacks and a 52% drop in value compared to Q1, yet losses remain severe.
The most devastating incident occurred on Feb. 21, when Bybit suffered a $1.4 billion hack, the largest cyberattack in crypto history.
“As long as there’s a weak point or some vulnerabilities out there, sooner or later they will be discovered,” said Gu during a live discussion. “So it’s an endless war.”
🚨 The Q2 + H1 2025 Hack3d Report is here.
$2.47B lost in the first half of the year. $801M lost in Q2 alone. Phishing and wallet compromise dominated the threat landscape.
Gu warned that next year’s hacks may still hit the billion-dollar level, despite stronger cybersecurity measures.
Hackers Shift to Social Engineering and Human Errors
As blockchain protocols become more secure, attackers are exploiting human psychology through phishing schemes and social engineering.
“If your protocol or layer 1 blockchain becomes more secure, they may target the human beings behind it—the ones holding private keys,” Gu explained.
Recent incidents underscore the trend. On Aug. 6, an investor lost $3 million in USDt by signing a malicious transaction. Another victim lost $900,000 in assets after unknowingly approving a fraudulent transaction, more than a year after the initial compromise.
CertiK’s data shows that in 2024, nearly half of all security breaches were linked to operational risks, including private key compromises, emphasizing the growing threat of human error.
With hackers and security firms locked in a technological arms race, user awareness and robust operational security are becoming as critical as smart contract audits. Experts warn that the weakest link in crypto remains human behavior, making education and security hygiene essential for investors and institutions alike.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.
