CertiK predicts 'endless war' with crypto hackers after $2.5B stolen

3 hours ago

Despite the crypto industry’s ongoing cybersecurity efforts, protocols are engaged successful an endless warfare with cryptocurrency hackers, who proceed to onslaught the weakest nexus successful crypto protocols, which is often a quality behavioral element.

The manufacture is engaged successful unfair warfare with atrocious actors, who lone request a azygous constituent of vulnerability to exploit a protocol, according to Ronghui Gu, prof of machine subject astatine Columbia University and the co-founder of blockchain information level CertiK.

“As agelong arsenic there’s a anemic constituent oregon immoderate vulnerabilities retired there, sooner oregon aboriginal they volition beryllium discovered by these attackers,” said Gu, speaking during Cointelegraph’s Chain Reaction regular unrecorded X spaces show, adding:

“So it's an endless war.”

“But I’m acrophobic that adjacent year’s [hacks] volition inactive beryllium astatine a billion-dollar level,” said Gu, adding that some cybersecurity efforts and cybercriminals are becoming stronger. Still, attackers lone request to find a azygous bug successful the millions of lines of codification audited regular by CertiK.

https://t.co/Z5iwqJqEpD

— Zoltan Vardai (@ZVardai) August 22, 2025

Losses to crypto hacks and exploits spiked to $2.47 cardinal in the archetypal fractional of 2025, contempt declining hacks successful the 2nd quarter. Over $800 cardinal was mislaid crossed 144 incidents successful Q2, a 52% alteration successful worth mislaid compared to the erstwhile quarter, with 59 less hacking incidents, CertiK said successful a study connected Tuesday.

The archetypal fractional of 2025 has seen much than $2.47 cardinal successful losses due to hacks, scams and exploits, representing a astir 3% summation implicit the $2.4 cardinal stolen successful each of 2024.

The lion’s stock of the mislaid worth was attributed to a azygous incident, a $1.4 cardinal Bybit hack connected Feb. 21, marking the largest cyberexploit successful crypto history.

Blockchain cybersecurity improvements volition unit hackers to people quality behaviour

The industry’s ever-evolving cybersecurity measures are forcing hackers to look for caller vulnerabilities to exploit, including loopholes successful quality psychology, according to CertiK’s Gu, who explained:

“Let's accidental that your protocol oregon furniture 1 blockchain becomes much secure. Then they whitethorn people quality beings down it. The radical who person the backstage cardinal and truthful on.”

During 2024, astir fractional of the crypto industry’s information incidents were caused by “operational risks” specified arsenic backstage cardinal compromises, Gu added.

Hackers are progressively targeting anemic links successful quality behaviour, arsenic highlighted by this year’s renewed question of cryptocurrency phishing scams, which are societal engineering schemes successful which attackers stock fraudulent links to bargain victims’ delicate information, specified arsenic backstage keys to cryptocurrency wallets.

On Aug. 6, an capitalist mislaid $3 cardinal with a azygous incorrect click, aft accidentally signing a malicious blockchain transaction that drained $3 cardinal worthy of USDt (USDT) from his wallet.

Like astir investors, the unfortunate apt validated the wallet code by lone matching the archetypal and past fewer characters earlier transferring the $3 cardinal to the malicious actor. The quality would person been noticeable successful the mediate characters, often hidden connected platforms to amended ocular appeal.

Another unfortunate mislaid implicit $900,000 worthy of integer assets to a sophisticated phishing attack connected Aug. 3, 458 days aft unknowingly signing a malicious support transaction for a wallet-draining scam, Cointelegraph reported.