In the second quarter of 2025, crypto users saw a wave of thefts fueled by social manipulation. Hackers shifted away from technical exploits. Instead, they leaned on clever schemes, fake giveaways, and phishing traps to steal assets.
Through its “Mist Track” tool, the slow paper handles and tracks these incidents of theft. It helps victims of crypto theft to track the stolen funds. In this quarter, the firm received about 429 reports related to stolen funds.
Most of them came from local users, while the remaining users were international. Her team provided a free study of the case and helped to cool or recover about $12 million in digital assets.
Reason for cybercrime-related financial loss: phishing was on top. In one incident, a user lost $6.5 million by purchasing an online defective cold liver. The thief had pre-charged the wallet, collected private keys, and closed the package to look real.
Crypto malware hijacks browser Wallets
In a backfired incident, a promotional wallet drained all its funds due to the malicious code integrated into it. Using the recently introduced EIP-7702, hackers tricked users into siphoning off funds. This feature allows users to delegate actions to smart contracts.
In one instance, the hacker employed an authentic smart contract to secure necessary approvals from the user. This action led to the draining of $140,000, all without raising any alarms with the user during the act. Browser extensions were also influential. One extension pretended to be a security measure, replacing legitimate downloads with harmful files.
Malware forms collect sensitive data, including browser information and registered credentials, so that attackers can control wallets and accounts. Social media applications were integrated into the threat. Numerous WeChat reports have been replaced by users.
Hackers impersonate teams for scams
Right after the hijacking, the attackers began to manipulate their buddies to invest in fraudulent crypto deals. In some instances, the attackers used public data to act as if they were part of an official team and guide the victims to install bogus wallets or go to phishing sites. One widespread fraud incident led users to a fake website under the guise of a ‘signature checker.’
Risk Key Phishing. This lesson highlights a website that imitates a popular device for confirming confirmations. The site encourages people to enter their private keys, claiming it will check for risks. In reality, once you provide your key, the thieves collect information and seize full control of your wallet. Novel plays on people by looking out to protect them.
These methods do not depend on sophisticated coding knowledge. They depend on emotion, urgency, fear, and misplaced trust. Hackers know how to convert users to quick decisions, making these frauds effective. Crypto users have to confirm everything, even when it seems legitimate. can be fake.
Security now encompasses not only wallets but also browsers, chats, and e-post offices. In this development landscape of digital danger, each click matters. In the future, crypto fraud will be intelligent. The system will not annoy people, nor will systems. Maintaining an alarm and informing will be the best protection.
