Crypto scammers have evolved their tactics. According to a recent report by the blockchain security firm CertiK, crypto hacks have shifted toward socially engineering victims into revealing sensitive information instead of targeting contract vulnerabilities.
So far in 2025, more than $2.2 billion has been stolen from investors by crypto hackers. The report by CertiK suggests that a sizeable chunk of these crypto hacks have come from phishing attacks and wallet compromises.
Additionally, the report emphasises that a few major incidents among numerous hacks have caused significant losses and can be traced back to state-backed perpetrators or critical infrastructure flaws.
Notably, CertiK mentions that the attacks on Bybit and Cetus Protocol have somewhat skewed the data since they accounted for about $1.78 billion of total losses, pushing these 2025 numbers above last year.
Bybit suffered the biggest attack on its assets this year in February 2025, which left a $1.5 billion hole in its pocket.
In the case of Cetus Protocol, a decentralised exchange based on Sui, the hackers used spoofed tokens and price manipulation to drain liquidity, leading to a loss of $225 million. Sui validators were able to freeze and return $162 million from the larger stolen amount.
#CertiKInsight
Thus far in 2025, on-chain incidents have led to ~$2.1B in losses.
The majority of losses have come from wallet compromises and phishing, with an increase in data leaks it's important to remain vigilant. pic.twitter.com/Cjm6QFHWqX
— CertiK Alert (@CertiKAlert) May 23, 2025
Phishing attacks entail crypto scammers sharing deceptive links with the victims to get hold of their sensitive information, such as private keys to crypto wallets, etc.
Ronghui Gu, the co-founder of CertiK, believes that the rise in phishing attacks that socially engineer victims into sharing sensitive information points to crypto scammers changing their attack protocols.
Trend of Wallet Breaches Becomes Alarming
The report suggests that between January and June of 2025, crypto hackers carried out 334 attacks, amounting to a loss of $2.47 billion. Amongst these incidents, wallet breaches alone accounted for $1.7 billion from just 34 attacks.
While CertiK has noted that private key compromises are on the decline, it has called the trend of wallet breaches “alarming.”
Social engineering schemes have become a major threat. Schemes such as address poisoning do not require any hacking since the victim is tricked into sending assets to fraudulent wallet addresses. Case in point: a Bitcoin whale fell victim to a phishing scam on 30 April 2025 that cost him an eye-watering $330 million.
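A pre-send check for the address poisoning described above, as an added example that is not from CertiK's report or this article. It assumes Ethereum-style hex addresses and that look-alike addresses copy the first and last characters of an address the user already trusts; the function names, thresholds and sample addresses are constructed for illustration.

```python
# Added example (not from the article or CertiK). Assumes Ethereum-style hex
# addresses and that poisoning look-alikes copy the first/last characters of
# an address the user already trusts. All addresses below are constructed.

def norm(addr):
    """Lower-case a hex address and drop the 0x prefix for comparison."""
    a = addr.strip().lower()
    return a[2:] if a.startswith("0x") else a

def shared_affix(a, b):
    """Return (prefix_len, suffix_len) of leading/trailing characters shared."""
    a, b = norm(a), norm(b)
    n = min(len(a), len(b))
    p = 0
    while p < n and a[p] == b[p]:
        p += 1
    s = 0
    while s < n - p and a[-1 - s] == b[-1 - s]:
        s += 1
    return p, s

def check_recipient(recipient, trusted, min_prefix=4, min_suffix=4):
    """Return ('trusted'|'lookalike'|'unknown', matching label or None)."""
    for label, addr in trusted.items():
        if norm(addr) == norm(recipient):
            return "trusted", label
    for label, addr in trusted.items():
        p, s = shared_affix(recipient, addr)
        if p >= min_prefix and s >= min_suffix:
            return "lookalike", label
    return "unknown", None

def flag_history(transfers, trusted, dust=0.001):
    """List senders of dust-sized incoming transfers that imitate a trusted address."""
    return [t["from"] for t in transfers
            if t["value"] <= dust
            and check_recipient(t["from"], trusted)[0] == "lookalike"]

TRUSTED = {"exchange-deposit": "0xa1b2c3d4" + "0" * 24 + "e5f6a7b8"}
LOOKALIKE = "0xa1b2" + "9" * 32 + "a7b8"      # same first 4 and last 4 characters
HISTORY = [
    {"from": LOOKALIKE, "value": 0.0},          # zero-value "poison" transfer
    {"from": "0x" + "f" * 40, "value": 2.5},    # unrelated sender
    {"from": TRUSTED["exchange-deposit"], "value": 0.0},  # genuine contact
]

if __name__ == "__main__":
    print(check_recipient(LOOKALIKE, TRUSTED))
    print(flag_history(HISTORY, TRUSTED))
```

A wallet or treasury tool would run `check_recipient` on any pasted destination and refuse to proceed on a `lookalike` result until the full address is compared character by character.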
Discounting the high-profile attacks on Bybit and Cetus Protocol brings total losses to about $690 million, which is quite similar to last year. Ethereum was the most targeted blockchain, witnessing 175 security-related events that accounted for over $1.6 billion in losses.
Crypto Hacks Exploit Code Vulnerabilities
CertiK reported a dramatic rise in crypto losses driven by smart contract flaws in May, racking up $229 million in damages, up from just $5 million in April.
1/ Top threats in Q2:
• Phishing – $395M
• Code vulnerabilities – $236M
• Wallet compromise – $112M
Despite the losses, total incidents dropped by 29% QoQ.
— CertiK (@CertiK) June 30, 2025
As scams and hacks surge, physical attacks on private crypto holders are growing more brutal. According to Jameson Lopp, a bitcoin security advocate, this year has already seen reports of 32 wrench attacks (physical attacks), putting 2025 on track to surpass 2021’s record of 36. Nearly one-third occurred in France.
In May alone, French authorities arrested 25 suspects tied to a Paris-based kidnapping ring.
Notable cases include the January kidnapping and mutilation of Ledger co-founder David Balland during a failed ransom attempt; impostors posing as couriers who abducted a trader’s father, severed a finger, and demanded €7 million; kidnappers who attempted to take Paymium CEO Pierre Noizat’s daughter and grandson; and abductors in Las Vegas who drove the victim into the Arizona desert.
Key Takeaways
Cetus Protocol, a leading DEX on the Sui Network, has been hacked, losing at least $200 million. CETUS, SUI, and Sui network meme coins crashed as a result. Here’s everything you need to know about the Cetus Protocol hack.
There’s always a first for everything. Ethereum faced a hard fork barely a year after launching. While not a hack, the damage and controversy impacted Ethereum, causing splits in blockchain ideology.
Cetus Protocol Hacked
Launched in May 2023, the Sui Network enjoyed a smooth run until today, when the Cetus Protocol fell victim to hackers.
Cetus(@CetusProtocol) on #SUI was hacked and lost more than $260M!
The hacker is converting the stolen funds into $USDC and cross-chaining to #Ethereum to exchange for $ETH, with ~60M $USDC already cross-chained. https://t.co/b0uGu8icXr https://t.co/0BpKSaygmr pic.twitter.com/txfxLoImOd
— Lookonchain (@lookonchain) May 22, 2025
The protocol lost between $220 and $230 million in an incident that sent shockwaves through the crypto and DeFi communities.
Hacks not only result in the loss of valuables, data, and funds but also have severe side effects, sometimes even forcing sell-offs in some of the best cryptos to buy.
The Cetus Protocol hack triggered a sell-off, causing CETUS to plummet by over 40% and trail some of the best Solana meme coins.
(CETUSUSDT)
What is Cetus Protocol?
So, what happened? The Cetus Protocol is a decentralized exchange (DEX) on the Sui Network.
It utilizes the concentrated liquidity market maker (CLMM) model pioneered by Uniswap and incorporates features from Trader Joe’s CLMM design.
Beyond token swapping, Cetus is one of the largest liquidity providers on Sui.
Within the Sui ecosystem, users primarily use Cetus to swap SUI/USDC, but as a DEX, it supports hundreds of liquidity pools for various tokens minted on the network.
Over time, Cetus became a hub for trading meme coins on the scalable platform.
What Happened?
As a core DEX on Sui, Cetus was (as expected) a prime target for hackers.
On May 22, they exploited multiple liquidity pools, draining $11 million from the SUI/USDC pool and wiping out funds from various meme coin pools, causing token prices to crash.
The Lombard Staked BTC (LBTC) pool was among the hardest hit, nearly wiped out entirely.
How did this Cetus Protocol hack happen?
Analysts report that hackers gained control of all SUI-denominated liquidity pools.
They then minted or deposited near-zero-value spoof tokens to manipulate CLMM price curves and reserves, extracting real assets without depositing equivalent value.
Seems like all @CetusProtocol LP were drained
Looking into tx, the likely exploit path was:
1. Swap in spoof token (e.g. BULLA → SUI), taking advantage of miscalculated price curve or broken reserve math.
2. Add liquidity with a near-zero amount, to manipulate internal LP… pic.twitter.com/FtpYRSpwWW
— sashko (@d0rsky) May 22, 2025
This was possible due to a rounding bug in the liquidity pool logic.
How @CetusProtocol was hacked
A hacker abused a rounding bug in the liquidity pool logic.
The bug?
Cetus miscalculated LP share:
If you added 1 token, it sometimes gave you the share as if you added 2.
Sounds stupid, but it worked.
The exploit:
Flashloan… pic.twitter.com/Ibj3uf8KJG
— Sui Corner (@SuiCorner) May 22, 2025
Although the oracle was expected to detect this, Cetus attributed the exploit to a pricing oracle malfunction.
By then, hackers had stolen tokens worth over $200 million.
Approximately $60 million in USDC was quickly bridged to Ethereum and swapped for ETH within an hour.
But there is good news: Around $160 million has reportedly been frozen and will be returned to Cetus pools.
ANNOUNCEMENT
As of earlier today, we have confirmed that an attacker has stolen approximately $223M from Cetus Protocol. We have taken immediate action to lock our contract preventing further theft of funds.
$162M of the compromised funds have been successfully paused. We are…
— Cetus (@CetusProtocol) May 22, 2025
Damage Control Underway at SUI
As token prices plummeted, Cetus Protocol froze its contracts to halt further losses.
It also promised a thorough investigation.
Sui Network developers have pledged support.
We’ve learned that a Cetus smart contract was hacked this morning for approximately $223M and Cetus subsequently paused their smart contracts to prevent further theft.
Cetus worked together with the other DeFi protocols, the Sui Foundation, and the Sui validators to… https://t.co/Y1iw2sNnPW
— Sui (@SuiNetwork) May 22, 2025
Amid the chaos, Changpeng Zhao, the Binance co-founder, said they would “do everything” to assist Sui, noting that the hack is “not a pleasant situation.”
Cetus Protocol Hack, CETUS And SUI Prices Crash