Social Engineering Cost Crypto Billions In 2025: How To Protect...

Crypto hackers took social engineering to a whole other level this year, and advances in artificial intelligence mean scams are about to get even harder to detect.

The majority of crypto exploits in the coming year won’t be caused by a zero-day bug in your favorite protocol, say crypto security experts. They’re going to be caused by you.

That’s because 2025 has shown that the majority of hacks don’t start with malicious code; they begin with a conversation, Nick Percoco, chief security officer of crypto exchange Kraken, told Cointelegraph.

From January to early December 2025, data from Chainalysis shows that the crypto industry witnessed over $3.4 billion in theft, with the February compromise of Bybit accounting for nearly half of that total.

During the attack, bad actors gained access through social engineering and injected a malicious JavaScript payload that allowed them to modify transaction details and siphon off funds.

Social engineering is a cyberattack method that manipulates people into revealing confidential information or performing actions that compromise security.

Percoco said the battleground for crypto security will be in the mind, not cyberspace.

Supply chain compromises have also proven to be a key challenge this year, according to Percoco, as a seemingly minor breach can prove to be devastating later on, because “it’s a digital Jenga tower, and the integrity of every single block matters.”

In the year ahead, Percoco recommends reducing human trust points through actions like automating defenses where possible and verifying every digital interaction through authentication in a “shift from reactive defense to proactive prevention.”

“In crypto especially, the weakest link remains human trust, amplified by greed and FOMO. That’s the crack that attackers exploit every time. But no technology replaces good habits,” he added.

Source: CoinTelegraph