Crypto Hackers Steal ₱47.74 billion ($786 million) This Year Via Social Engineering
Social engineering has become the primary attack vector in crypto theft. Instead of exploiting code vulnerabilities, hackers build relationships with employees and pose as trusted partners to trick them into installing malicious software or signing unauthorized transactions.
Key Takeaway
Hackers now target employees with fake identities instead of exploiting code vulnerabilities.
Cyvers Vice President of Strategy Michael Pearl has a message for crypto developers: the person offering to invest in your project might be a North Korean hacker.
Crypto thieves have stolen ₱47.74 billion ($786 million) from projects this year using social engineering — tricking people instead of breaking code. The ₱91.11 billion ($1.5 billion) Bybit hack in February started when attackers posed as a trusted open-source contributor and convinced a developer to install malicious software. This month's $300 million Drift Protocol theft followed the same playbook, with hackers building relationships with the Solana exchange's team, posing as members of a legitimate trading organization, and tricking employees into signing transactions they didn't fully understand.
A single crypto holder lost $282 million in January. The HyperBridge hack in early April minted $1.2 billion in counterfeit tokens. Pearl said he's personally faced suspected social engineering attempts at conferences — people telling stories that sound too good to be true, wanting to invest or buy products, then sending suspicious links. Elliptic Vice President of Investigations Matt Price warned in October 2024 that social engineering attacks against crypto projects are rising, with artificial intelligence helping bad actors sharpen their techniques. The infamous Lazarus Group uses LinkedIn and fake job ads to target victims.
SVRN Chief Operating Officer David Schwed, who previously led digital asset development at BNY Mellon, blasted the industry's security narrative. He said DeFi projects blame artificial intelligence for finding obscure vulnerabilities when the reality is simpler: they build insecure systems and hackers find the flaws faster. Schwed said unless DeFi projects start thinking like traditional financial companies and put security first, hacks will continue.
Cyvers' Pearl said DeFi has become the primary target because everything has shifted from hacking systems to hacking humans. Billionaire crypto mogul Justin Sun begged North Korean hackers believed to be behind the Kelp DAO breach to come forward and negotiate in early April. Hackers stole $2.5 billion in crypto during 2024 according to DefiLlama data.
This article was written based on reporting from Dlnews.
