CertiK: Hackers to Shift Focus from Code to Users by 2025, Leading to $2.1 Billion in Cryptocurrency Theft

Web3 cybersecurity company CertiK states that cryptocurrency hackers are abandoning the exploitation of smart contract vulnerabilities and are instead attacking users through social engineering techniques. As of 2025, losses from cryptocurrency-related attacks have exceeded $2.1 billion, with most losses stemming from wallet thefts and phishing attacks.
CertiK co-founder Ronghui Gu indicates that attack patterns have shifted from code vulnerabilities to exploiting human behavior vulnerabilities. The majority of the $2.1 billion loss is due to wallet thefts, poor key management, and operational issues. The industry must now invest in better wallet security and access control, as well as real-time transaction monitoring and simulation tools, to reduce future incidents. (Cointelegraph)