Cryptocurrency thieves reached unprecedented heights in 2025, stealing a record $2.7 billion through increasingly sophisticated social engineering attacks powered by artificial intelligence, according to new data from $6.5M In Venture Funding To Expand AI-driven Blockchain Security Solutions”>blockchain analysis firms Chainalysis and TRM Labs. The staggering figure represents the highest annual crypto theft total on record, driven primarily by state-sponsored North Korean hackers who accounted for $2.02 billion of the stolen funds.
The threat landscape has fundamentally shifted as cybercriminals weaponize AI tools to enhance traditional social engineering techniques, making phishing attempts and fraudulent communications nearly indistinguishable from legitimate ones. Security researchers warn that deepfake technology and voice cloning are creating a new generation of scams that challenge even experienced crypto users’ ability to detect malicious activity.
North Korean hackers demonstrated their growing capabilities through the year’s largest single heist, stealing $1.5 billion from Dubai-based exchange Bybit in February. The FBI attributed this breach to state-sponsored actors who have refined their tactics to include IT worker infiltration at cryptocurrency exchanges and sophisticated supply chain compromises. This massive theft alone exceeded the total crypto losses recorded in many previous years.
The evolution of attack methods reflects a concerning trend where criminals increasingly rely on psychological manipulation rather than technical exploits alone. A 2025 Gartner survey revealed that 62% of organizations experienced deepfake attacks involving social engineering, while 32% faced attacks against AI applications using malicious prompts. The FBI reported ongoing deepfake impersonation campaigns targeting U.S. government officials, using AI-powered voice cloning tools to extract sensitive information and conduct elaborate scams.
Individual crypto users bore the brunt of these sophisticated attacks, with the number of recorded thefts tripling from 2022 levels to reach 158,000 incidents in 2025. Unique victims doubled from 40,000 to 80,000, though the average amount stolen per victim decreased from previous years, suggesting attackers are casting wider nets to target more users with smaller but more frequent thefts totaling $713 million.
The tactics employed by these social engineering campaigns have become increasingly elaborate. Attackers now abuse legitimate OAuth 2.0 authentication systems to bypass multi-factor authentication, while others conduct voice phishing campaigns that drop traditional phone calls in favor of scalable email-based social engineering. Microsoft reported a surge in attacks exploiting OAuth device codes to hijack enterprise accounts, representing an evolution of techniques used earlier against major corporations including Google and Qantas.
Cryptocurrency exchanges and decentralized finance platforms have responded by implementing enhanced security measures and stricter know-your-customer verification processes. The European Union’s Markets in Crypto-Assets regulation and Digital Operational Resilience Act, implemented in 2025, increased compliance obligations for crypto firms while requiring stricter reporting standards and cybersecurity measures.
Security experts emphasize that traditional protection methods are becoming insufficient against AI-enhanced social engineering. The widespread use of SMS-based two-factor authentication presents particular vulnerabilities, as attackers can easily execute SIM-swapping attacks or intercept text messages. Cybersecurity agencies now recommend abandoning SMS authentication in favor of hardware security keys or authenticator applications that cannot be intercepted through social engineering.
The cryptocurrency industry faces mounting pressure to address these evolving threats as AI tools become more accessible to malicious actors. Blockchain analysis firms report that the sophistication of attacks will likely increase further in 2026, as generative AI enables fully automated reconnaissance and exploitation campaigns that require minimal human oversight.
The record theft figures underscore the critical need for comprehensive security education and robust technical safeguards as cryptocurrency adoption continues expanding. With traditional detection methods failing against AI-enhanced social engineering, both individual users and institutional players must fundamentally rethink their approach to digital asset security in an era where human psychology has become the primary attack vector.
Stay informed with daily updates from Blockchain Magazine on Google News. Click here to follow us and mark as favorite: [Blockchain Magazine on Google News].
Disclaimer: Any post shared by a third-party agency are sponsored and Blockchain Magazine has no views on any such posts. The views and opinions expressed in this post are those of the clients and do not necessarily reflect the official policy or position of Blockchain Magazine. The information provided in this post is for informational purposes only and should not be considered as financial, investment, or professional advice. Blockchain Magazine does not endorse or promote any specific products, services, or companies mentioned in this posts. Readers are encouraged to conduct their own research and consult with a qualified professional before making any financial decisions.
About the Author: Diana Ambolis
