Loading prices…
〽️NEUTRAL

Crypto Hacks Hit Record High as Treasury Flags $10B Scam Threat

Treasury's $10B scam warning and a new DeFi coalition show the industry is finally treating social engineering and state-linked hackers as the primary attack surface, not smart-contract bugs.

Crypto hacks hit a record count over the past year, but the US Treasury's $10 billion scam warning and a newly formed DeFi security coalition point to where the real risk now sits: AI-enabled social engineering and state-linked attackers, not auditable smart-contract code.

Treasury flagged the scale of the problem in a recent advisory, estimating Americans lost roughly $10 billion to crypto-related scams last year, a figure that pulled social engineering and North Korea-linked operations squarely into the mainstream policy conversation. The warning lands as on-chain investigators increasingly attribute the largest individual thefts to compromised private keys, phishing kits, and insider coercion rather than protocol-level exploits.

Why it matters

For years the industry's security posture has centered on smart-contract audits, formal verification, and bug bounties. Those controls do not stop an employee from approving a malicious transaction under pressure from a deepfake CEO video, nor do they prevent a North Korea-linked operator from walking out of an interview with credentials to a treasury wallet. The pattern of recent high-profile incidents suggests the human and operational layer is now the weakest surface in crypto, while the engineering layer has matured.

Market impact

A new DeFi coalition is trying to convert that realization into an industry baseline: shared threat-intel feeds, coordinated disclosures, wallet-policy standards, and a push to treat cybersecurity as a procurement-grade requirement rather than a marketing line. For protocols and institutional custodians, the practical read is that capital and partners will start pricing social-engineering controls the way they now price audits.

Frequently asked questions

  1. How many crypto hacks happened over the past year?

    Hacks reached a record count over the past year, though Treasury's framing emphasizes that the largest losses increasingly come from social engineering and state-linked operations rather than smart-contract exploits.

  2. What did the US Treasury $10 billion scam warning cover?

    The advisory estimated Americans lost roughly $10 billion to crypto-related scams, putting AI-enabled social engineering and North Korea-linked operations at the center of US policy attention.

  3. Why are social-engineering attacks harder for audits to catch?

    Audits and formal verification cover code, not human behavior. A compromised employee approving a malicious transaction or handing over wallet keys bypasses every protocol-level control.

  4. What is the new DeFi security coalition trying to do?

    It is pushing shared threat-intel feeds, coordinated disclosures, and wallet-policy standards so that operational cybersecurity becomes a procurement-grade industry requirement rather than a marketing claim.

  5. How could this shift affect crypto protocols and custodians?

    Investors and partners are likely to price social-engineering controls the way they price audits, making key-management discipline and incident-response history table-stakes for fundraising, listings, and institutional custody mandates.

Source attribution
Aggregated from CryptoSlate · Verified · Last refreshed 56m ago
Open original →