Phishing schemes and private key theft are expected to be the most common types of cryptocurrency attacks in 2025, according to Blockchain security firm, CertiK. These forms of cybercrime are projected to target both individual crypto users and businesses as the cryptocurrency sector continues to grow in size and complexity.
According to the blockchain security firm, 2024 marked a troubling rise in on-chain security breaches, with losses surging to $2.36 billion across 760 incidents. Interestingly, the previous year's statistics signify a 31.61% jump from 2023.
Phishing attacks emerged as the most devastating threat, accounting for $1.05 billion, and representing nearly half the total losses. These attacks were executed through 296 incidents, accounting for 39% of all reported breaches.
Despite the volume, only three incidents inflicted losses exceeding $100 million, underscoring the pervasive and widespread nature of smaller-scale but highly impactful exploits.
It is worth noting that phishing attacks, which involve tricking users into revealing sensitive information, remain the primary method used by criminals to gain access to cryptocurrency holdings because of its simplicity. Notedly, it often involves fraudulent emails or fake websites that deceive users into entering their private keys or wallet credentials.
Private Key Theft Expected to Rise Amid Crypto Growth
Another major concern highlighted by cybersecurity experts is the theft of private keys. Private keys, which are used to access and control cryptocurrency wallets, are critical to securing digital assets. If a private key is compromised, the owner loses control of the associated funds, often with no way to recover them. Certik report noted that private key thefts resulted in $855,385,570 in forfeited funds from 65 attempts.
Meanwhile, reports indicate that hackers are increasingly targeting individuals and organizations that hold large amounts of cryptocurrency, as well as exchanges and wallet service providers. These attacks are often carried out through social engineering tactics or sophisticated malware designed to infiltrate a victim's device and steal private keys.
Ethereum Network Remains the Most Vulnerable
Ethereum emerged as the primary target for security breaches in 2024, with 403 of the year’s 760 hacks, scams, and exploits occurring on the network. These incidents resulted in staggering losses of $748.7 million, cementing Ethereum’s position as the most affected blockchain.
Phishing scams were also rampant on Ethereum, causing over $297.5 million in damages across 248 incidents, making it the most popular chain for such attacks.
Binance Smart Chain (BSC) followed as the second-most targeted network for phishing scams, highlighting its vulnerability amid the growing prevalence of these threats.
